Skill v1.6.4
ClawScan security
Video Summary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 3:34 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and requested tools are consistent with a local video-downloading/transcription/summarization helper; no obvious exfiltration or unrelated credential requests were found, though there are small inconsistencies to review before use.
- Guidance: This skill is internally consistent with its purpose of downloading/transcribing videos and producing LLM-ready requests. Before installing: 1) Verify you trust the skill source (homepage is missing). 2) Only provide cookie files from your own browser (these allow access to your accounts). 3) You don't need to set OPENAI_API_KEY or OPENAI_BASE_URL for the script to extract subtitles; these are only needed if you or your agent will call an LLM. 4) The script uses a local 'whisper' binary for transcription but doesn't declare it in the top-level required bins — install openai-whisper (or an equivalent) if you plan to transcribe. 5) Because OPENAI_BASE_URL can point to any API host, avoid setting it to untrusted endpoints if you plan to have the agent call LLMs. If you want higher confidence, ask for a full review of the truncated portions of video-summary.sh (to ensure there are no hidden network calls or logging) and confirm the absence of telemetry or remote endpoints in the rest of the script.
Review Dimensions
- Purpose & Capability (ok): The skill claims to download video content, extract subtitles/transcripts, and produce structured LLM prompts. The required binaries (yt-dlp, jq, ffmpeg, ffprobe, bc) are appropriate for that purpose. The included shell script implements expected functionality for platform detection, subtitle extraction, and Whisper-based transcription. Minor mismatch: the script requires the 'whisper' command when transcription is requested but 'whisper' is not listed in the top-level required binaries; the script's internal dependency check also omits ffprobe and bc even though they are used elsewhere.
- Instruction Scope (ok): SKILL.md and the script stick to the stated task: fetching video metadata/subtitles via yt-dlp, optionally transcribing locally with Whisper, and emitting structured summary requests for an LLM. The script reads a cookies file when provided (used only to access restricted platform content) and writes transient files under /tmp which it attempts to clean up. There is no code in the provided script that sends cookies, API keys, or transcripts to external endpoints directly; network access is via yt-dlp to the video platforms, which is expected behavior.
- Install Mechanism (ok): There is no install spec — the skill is instruction/script only. That is the lowest-risk install mechanism: no archives or remote code downloads are executed by the skill installer itself. The script suggests standard package installs (pip/apt/brew) but does not perform any remote install steps.
- Credentials (note): The skill does not require credentials to run. It documents optional environment variables (OPENAI_API_KEY, OPENAI_BASE_URL, VIDEO_SUMMARY_COOKIES, VIDEO_SUMMARY_WHISPER_MODEL). Those are proportionate: cookies are needed to access restricted videos, and OPENAI_* variables are optional metadata for downstream LLM use. Notes: SKILL.md contains mixed statements ('No API key required' vs. script header saying 'User must set OPENAI_API_KEY and OPENAI_BASE_URL'), which is inconsistent but not evidence of exfiltration. Because OPENAI_BASE_URL can point to an arbitrary endpoint, users should be careful which API endpoint they set if they intend the agent to call LLMs.
- Persistence & Privilege (ok): The skill does not request always:true and does not persist configuration or credentials. It runs as a transient script that writes temporary files under /tmp and cleans them up. It does not modify other skills or global agent settings.
