Skill v1.0.0

ClawScan security

YouTube Subtitle Extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 5, 2026, 7:23 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill appears to do what it says (download YouTube subtitles) and the included script is small and readable, but the package metadata and SKILL.md omit required external binaries (yt-dlp and likely ffmpeg) and the install instructions pull raw files from a GitHub account without provenance — these inconsistencies warrant caution.
Guidance
This skill's code is small and consistent with subtitle extraction, but it has several practical issues to consider before installing:
1) Missing declared dependencies: The script runs the yt-dlp binary (and --convert-subs may require ffmpeg). The skill metadata does not list these required binaries. Install and verify yt-dlp (and ffmpeg if needed) from trusted sources before running.
2) Source provenance: SKILL.md recommends downloading raw files from a GitHub account. Verify the repository/author (mcbaivn) and review the fetched files yourself before running them. Prefer cloning a known repo tag or a signed release if available.
3) Disk and network behavior: Running the tool causes network downloads from YouTube (via yt-dlp) and writes files to your filesystem (Youtube_Subtitles/). If you run it against a channel without --limit, it may download many videos' subtitles; use --limit to avoid large downloads.
4) Safety posture: If you have concerns, run the script in a sandbox or isolated environment, inspect the downloaded script for unexpected functionality, and ensure yt-dlp/ffmpeg come from official sources.
If you need help verifying the GitHub source or the binaries, ask for guidance.

Review Dimensions

Purpose & Capability
concern: The skill's purpose is subtitle extraction, which legitimately requires an external downloader (yt-dlp) and often ffmpeg for conversions. However, the registry metadata declares no required binaries and SKILL.md does not tell the user to install yt-dlp/ffmpeg. That mismatch (a tool that clearly depends on external binaries but doesn't declare them) is inconsistent and could surprise users.
Instruction Scope
ok: SKILL.md and the script stay on-purpose: they instruct downloading the SKILL.md and script from a GitHub repo and running a local Python script which calls yt-dlp to fetch subtitles and write files to disk. The instructions do not ask the agent to read unrelated files, exfiltrate data to third-party endpoints, or access credentials.
Install Mechanism
note: Installation instructions are manual and fetch raw files from raw.githubusercontent.com (a common pattern). This is a moderate-risk pattern because it executes code pulled directly from a GitHub account without a release signature; verify the repository and commit history before running. There is no automated install spec, and no archive extraction from unknown URLs.
Credentials
ok: The skill requires no environment variables or credentials, which is appropriate for its stated purpose. However, it does rely on external binaries (yt-dlp and possibly ffmpeg) that are not declared in the metadata; this is not a credential leak but is a proportionality/declared-requirements omission.
Persistence & Privilege
ok: The skill does not request 'always: true', does not modify other skills or system-wide agent settings, and does not persist credentials. It writes subtitle files to the local filesystem (Youtube_Subtitles/), which is expected behavior for this functionality.