Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Keyapi Youtube Channel Analysis

v1.0.0

Discover, profile, and analyze YouTube channels — retrieve channel metadata, video libraries, convert between channel IDs and URLs, search channels by keywor...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The name and description promise YouTube channel discovery and analysis via the KeyAPI MCP service. The skill requires node and a KEYAPI_TOKEN and includes a small runner (scripts/run.js) plus a dependency on @modelcontextprotocol/sdk, all of which is expected for calling the KeyAPI MCP. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md directs the agent to install dependencies (npm install), set KEYAPI_TOKEN, and run node scripts/run.js to list or call MCP tools. The code reads a .env file, will prompt for a token if missing, and will persist the token to a .env file when entered. It also writes cache files (.keyapi-cache) and can write results to an --output path. These file I/O actions are within the stated purpose but are persistent and worth being aware of.
Install Mechanism
No remote download/install script is included; the package.json declares a single SDK dependency and the SKILL.md asks the user to run npm install. This is a standard, proportional install approach (no arbitrary external archives or URL downloads).
Credentials
Only KEYAPI_TOKEN (primary credential) and an optional KEYAPI_SERVER_URL override are used. That aligns with a service-client skill. The code does persist the token to a local .env file (unencrypted), which the user should avoid committing to source control.
Persistence & Privilege
The skill is not forced-always or otherwise privileged. It persists its own cache (.keyapi-cache) and may create a .env file in the skill directory; it does not modify other skills or global agent configuration. Autonomous invocation is allowed by default (platform normal), but this skill's footprint is limited to its directory by default.
Assessment
This skill appears to do what it says: it calls KeyAPI MCP tools to analyze YouTube channels and needs only KEYAPI_TOKEN and node. Before installing:
1) Do not commit the .env file that the tool may create; it stores your token in plaintext in the skill directory.
2) Prefer creating and using a least-privilege token from keyapi.ai and rotate it if exposed.
3) Review or run the tool in an isolated environment (or container) if you want to limit where it can write cache or output files.
4) If you plan to override KEYAPI_SERVER_URL, verify the server is trustworthy; that override lets the runner talk to any endpoint.
If you want, inspect the remainder of scripts/run.js (the network-call portion) to confirm no unexpected remote hosts are contacted beyond the configured MCP server.
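The checks in the assessment above, written out as an added pre-install script. This is not the skill's own code and not ClawHub's scanner; it assumes the only legitimate MCP host is keyapi.ai (taken from the assessment text, since the page does not state the real endpoint), and it takes the skill directory's state as explicit inputs so the logic can be exercised offline.

```javascript
// Added pre-install check for the KeyAPI skill. Not the skill's own code and not
// ClawHub's scanner; the allowlisted host is an assumption taken from the
// assessment text ("keyapi.ai") and should be replaced with the documented MCP host.
const ALLOWED_HOSTS = ["keyapi.ai"];

// Accept a KEYAPI_SERVER_URL override only if it is https, carries no embedded
// credentials, and its host is an allowlisted host or a subdomain of one.
function validateServerUrl(raw, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme ${url.protocol} is not https:` };
  }
  if (url.username || url.password) {
    return { ok: false, reason: "URL embeds credentials" };
  }
  const host = url.hostname.toLowerCase();
  const allowed = allowedHosts.some((h) => host === h || host.endsWith("." + h));
  return allowed
    ? { ok: true, reason: "" }
    : { ok: false, reason: `host ${host} is not allowlisted` };
}

// True if a .gitignore body covers the .env file the runner may create.
// Understands ".env", "/.env", ".env*" and "*.env"; skips comments and
// negation lines (a "!" line re-includes rather than ignores).
function envIsIgnored(gitignoreText) {
  return gitignoreText
    .split(/\r?\n/)
    .map((l) => l.trim())
    .filter((l) => l && !l.startsWith("#") && !l.startsWith("!"))
    .some((l) => {
      const p = l.replace(/^\//, "");
      return p === ".env" || p === ".env*" || p === "*.env";
    });
}

// Run the checks from the assessment against explicit inputs:
//   env                  - the environment the runner will see
//   skill.envFileExists  - whether <skill dir>/.env already exists
//   skill.gitignoreText  - contents of <skill dir>/.gitignore ("" if absent)
// Returns a list of human-readable problems; an empty list means the preflight passed.
function preflight(env, skill) {
  const problems = [];
  if (!env.KEYAPI_TOKEN) {
    problems.push("KEYAPI_TOKEN is not set; the runner will prompt for it and write it to .env in plaintext");
  }
  if (skill.envFileExists && !envIsIgnored(skill.gitignoreText)) {
    problems.push(".env exists in the skill directory and is not covered by .gitignore");
  }
  if (env.KEYAPI_SERVER_URL) {
    const v = validateServerUrl(env.KEYAPI_SERVER_URL);
    if (!v.ok) problems.push(`KEYAPI_SERVER_URL rejected: ${v.reason}`);
  }
  return problems;
}

// Convenience wrapper for a real checkout: reads the two files from skillDir.
// (CommonJS require is used lazily so the pure functions above stay import-free.)
function preflightDir(skillDir, env = process.env) {
  const fs = require("node:fs");
  const path = require("node:path");
  const gi = path.join(skillDir, ".gitignore");
  return preflight(env, {
    envFileExists: fs.existsSync(path.join(skillDir, ".env")),
    gitignoreText: fs.existsSync(gi) ? fs.readFileSync(gi, "utf8") : "",
  });
}
```

From the skill directory, `preflightDir(".")` returns the list of problems; run it before `npm install` and again after the first `node scripts/run.js`, since the runner may only create `.env` on that first run. The host check deliberately rejects look-alike hosts such as `keyapi.ai.example` (suffix match on a dot boundary, not a substring match).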
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/run.js:52: Environment variable access combined with network send.
scripts/run.js:37: File read combined with network send (possible exfiltration).
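The two findings above are co-occurrence heuristics: a read of a credential source (environment variable or file) within a short distance of a network call. The following added scanner is not ClawHub's or OpenClaw's code; it shows the shape of such a check on a constructed snippet modelled on what the assessment describes (env read, .env read, a fetch to the configured server). The regexes, the line window and the sample source are assumptions made for the example, so expect false positives on real code.

```javascript
// Added illustration of a read-then-send co-occurrence heuristic. Not the
// ClawHub/OpenClaw scanner; patterns and window size are assumptions.

// "Sources": places a secret can enter the program.
const SOURCE_PATTERNS = [
  { kind: "env-read",  re: /\bprocess\.env\b/ },
  { kind: "file-read", re: /\b(readFileSync|readFile|createReadStream)\s*\(/ },
];
// "Sinks": calls that put bytes on the network. The generic connect( entry is
// there because MCP clients open their transport with a connect call.
const SINK_PATTERNS = [
  { kind: "network-send", re: /\b(fetch|https?\.request|https?\.get|connect)\s*\(/ },
];
const MESSAGES = {
  "env-read":  "Environment variable access combined with network send.",
  "file-read": "File read combined with network send (possible exfiltration).",
};

// Report every source line that has a sink within `window` lines of it,
// in either direction. Returns [{ line, source, sinkLine, message }].
function scanSource(src, window = 20) {
  const lines = src.split(/\r?\n/);
  const sources = [];
  const sinks = [];
  lines.forEach((text, i) => {
    const n = i + 1;
    for (const p of SOURCE_PATTERNS) if (p.re.test(text)) sources.push({ line: n, kind: p.kind });
    for (const p of SINK_PATTERNS) if (p.re.test(text)) sinks.push({ line: n, kind: p.kind });
  });
  const findings = [];
  for (const s of sources) {
    let best = null; // nearest sink within the window
    for (const k of sinks) {
      const d = Math.abs(k.line - s.line);
      if (d <= window && (best === null || d < best.d)) best = { line: k.line, d };
    }
    if (best) findings.push({ line: s.line, source: s.kind, sinkLine: best.line, message: MESSAGES[s.kind] });
  }
  return findings.sort((a, b) => a.line - b.line);
}

// Render findings in the same "path:line" style the listing uses.
function formatFindings(file, findings) {
  return findings.map((f) => `${file}:${f.line} ${f.message} (network call at line ${f.sinkLine})`);
}

// Constructed sample modelled on the behaviour the assessment describes;
// it is not the real scripts/run.js. Line numbers are explicit via the array.
const SAMPLE = [
  'const fs = require("node:fs");',                                                    // 1
  'const token = process.env.KEYAPI_TOKEN || readToken();',                            // 2
  'function readToken() {',                                                            // 3
  '  const text = fs.readFileSync(".env", "utf8");',                                   // 4
  '  return text.split("=")[1];',                                                      // 5
  '}',                                                                                 // 6
  'async function call(serverUrl) {',                                                  // 7
  '  const res = await fetch(serverUrl, { headers: { Authorization: token } });',     // 8
  '  return res.json();',                                                              // 9
  '}',                                                                                 // 10
].join("\n");
```

`formatFindings("sample.js", scanSource(SAMPLE))` yields one line for the `process.env` read and one for the `.env` read, both paired with the `fetch` on line 8. Tightening the window to a few lines suppresses both, which is exactly why such findings need the manual review the page asks for: the heuristic only says that a secret and a network call are near each other, not that the secret is sent anywhere other than the configured MCP server.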


latest: vk973qw64pwzh7yx3w31rw69vd984c0t9


Runtime requirements
📺 Clawdis
Bins: node
Env: KEYAPI_TOKEN
Primary env: KEYAPI_TOKEN
