Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
yc
v0.3.2
CLI for YC Startup School, a16z Speedrun, SPC, and startup program discovery — weekly updates, dashboard, applications, accelerator deadlines
⭐ 0 · 442 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The CLI's code and dependencies match the description: it reads Startup School cookies to call GraphQL/REST endpoints, uses Playwright to automate SPC Airtable forms, and exposes commands for discovery and submissions. Dependencies (sweet-cookie, playwright) and required binary 'yc' are appropriate for the stated features.
Instruction Scope
Runtime instructions and code legitimately require reading browser cookie stores and extracting CSRF tokens, and may prompt macOS Keychain for decrypting Chrome cookies — these are necessary for the 'whoami', dashboard, and submit workflows. The SKILL.md and code do not appear to instruct the agent to read unrelated system files or to exfiltrate data to unexpected endpoints; network calls target startupschool.org, speedrun/a16z endpoints, GCS signed URLs, and Airtable forms as expected.
Install Mechanism
Install is via an npm package (@lucasygu/yc) which is normal, but the postinstall script performs additional actions: it creates ~/.claude/skills/yc-cli (a symlink into the user's home directory) and patches files inside node_modules/@steipete/sweet-cookie. Those write operations modify the user environment and installed package files during installation, increasing the installation footprint and requiring explicit user awareness/consent.
Credentials
No environment variables or external API keys are requested, which is proportional. However, the tool reads browser cookie stores and uses the macOS Keychain (via sweet-cookie) to decrypt session cookies for startupschool.org — this grants the CLI access to sensitive session tokens needed to act on behalf of the user. This access is justified by the feature set but is privacy-sensitive and requires user consent.
Persistence & Privilege
The package does not set always:true and does not demand elevated system privileges, but its postinstall creates a persistent symlink (~/.claude/skills/yc-cli) to register itself with a local AI agent ecosystem and modifies package files in node_modules. Preuninstall includes cleanup logic, but the installation does leave persistent artifacts in the user's home directory.
Assessment
This package appears to do what it claims, but it accesses sensitive browser session cookies (and thus may act with your logged-in identity on startupschool.org) and its installer writes to your home directory and patches installed package files. Before installing:
1) Verify the package source (check the GitHub repo linked in SKILL.md and confirm the author/trustworthiness);
2) Expect macOS Keychain prompts to decrypt Chrome cookies — only allow if you trust the tool;
3) Be aware the postinstall will create ~/.claude/skills/yc-cli (so it integrates with local AI agent tooling) and will attempt to patch node_modules/@steipete/sweet-cookie; if you prefer, inspect or run the postinstall script manually and perform the symlink or patches yourself instead of allowing automatic postinstall;
4) Playwright may download browser engines during install (large files) — consider installing in a controlled environment or container if you want to limit persistent changes;
5) If you are unsure, audit the repository source code and run the CLI in an isolated VM or container rather than on a primary workstation.
Like a lobster shell, security has layers — review code before you run it.
latestvk97ewbzpyy128phq9wwxe8d88s82g3x9
Runtime requirements
OS: macOS
Bins: yc
Install
Node
Bins: yc
npm i -g @lucasygu/yc