Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Youtube Summarizer
v2.2.0
YouTube and Bilibili video transcript extraction and AI-powered summarization. Use when you need to summarize a YouTube or Bilibili (B站) video, extract trans...
⭐ 0 · 62 · 0 current · 0 all-time
by mcdowelll (@mcdowell8023)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the files: the script uses yt-dlp, youtube-transcript-api, faster-whisper, and ffmpeg to fetch transcripts, transcribe Bilibili audio, extract frames and produce JSON summaries — this is coherent with the stated purpose.
Instruction Scope
The SKILL.md and script instruct using yt-dlp with '--cookies-from-browser chrome' (which reads the live Chrome cookie store) and describe an 'innertube ANDROID client + Cloudflare proxy' approach to bypass rate limits. Those steps expose sensitive browser session cookies and route traffic through additional network hops; SKILL.md does not document where the network requests for summaries and images are sent (the LLM fallback chain is described but was not audited). The skill's examples also have agents post the resulting JSON to third-party services (Discord/Notion); those are examples rather than built-in behaviour, but they widen the attack surface when combined with the skill's outputs.
Install Mechanism
Installation is via the provided setup.sh which creates a local venv and pip-installs known PyPI packages (youtube-transcript-api, requests, innertube, faster-whisper). yt-dlp and ffmpeg are installed/required via system package managers (brew or manual). No arbitrary binary downloads or shortener URLs were found; overall install method is reasonable but setup.sh exits if brew is missing (Linux users must install yt-dlp manually).
Credentials
The skill requires no secrets to run, but SKILL.md/README list many optional environment variables (LLM_API_URL/KEY, OPENCLAW_GATEWAY_TOKEN, GITHUB_TOKEN, POLLINATIONS_API_KEY). Those are plausible for LLM/image fallbacks, but the README's fallback chain (including GitHub token as a potential LLM source) is unusual and broad. More importantly, use of '--cookies-from-browser chrome' implicitly grants access to browser cookies (not declared as a required config path), which is disproportionate to a simple transcript fetch unless you need authenticated access to gated content.
Persistence & Privilege
Skill does not request always:true and does not modify other skills. It writes its own config/settings.json and creates a local venv under the skill directory (expected). No evidence of requesting permanent elevated system presence.
Scan Findings in Context
[none] expected: Static pre-scan reported no injection signals. The most sensitive operations are explicit in the script (yt-dlp cookie use, ffmpeg, faster-whisper). These are expected for the skill's function but worth manual review.
What to consider before installing
This skill generally does what it says, but review these before installing:
- Be aware yt-dlp is invoked with '--cookies-from-browser chrome'. That reads Chrome's cookie store, which holds session tokens for every site you are logged into, not just YouTube. Only allow this if you understand and accept that exposure; prefer public videos, or export just the cookies the fetch needs to a separate cookie file and pass it with '--cookies' instead.
- Inspect the rest of summarize.py (the parts not shown) to confirm where transcripts/summaries are sent. If the script calls external LLM/image services, check which endpoints are used and whether any tokens you provide could be exfiltrated.
- Avoid supplying broad secrets (GITHUB_TOKEN, OPENCLAW_GATEWAY_TOKEN, etc.) unless you trust the skill and have inspected the code paths that use them. If unsure, run the skill in an isolated environment (container or VM) and monitor outbound network traffic.
- The setup script expects Homebrew for yt-dlp install; on Linux manually install yt-dlp/ffmpeg before running setup.
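The checks in the list above can be done mechanically before the skill is ever executed. What follows is an added example, not code from the ClawHub page, the scanner, or the Youtube Summarizer skill: `audit_source` parses a Python script with the standard-library `ast` module and lists the environment variables it reads, the URL literals it carries, its `subprocess` call sites and any yt-dlp cookie flags, without running a line of it; `scope_cookie_file` trims a Netscape-format cookies.txt export down to the domains a transcript fetch needs, producing a file suitable for yt-dlp's real `--cookies FILE` option in place of `--cookies-from-browser`. The function names are this example's own; `SAMPLE_SCRIPT` and `SAMPLE_COOKIES` are constructed stand-ins for summarize.py and a browser export, and every hostname and token value in them is a placeholder.

```python
"""Pre-install checks for a Python agent skill: a static audit of what a script
reads and where it may send data, plus scoping of a cookies.txt export.
Added example, not code from the page or the skill it describes; the sample
script and cookie jar below are constructed placeholders."""
import ast
import re
from dataclasses import dataclass, field

URL_RE = re.compile(r"https?://[^\s'\"<>]+")
COOKIE_FLAG_RE = re.compile(r"--cookies(?:-from-browser)?\b")
HTTPONLY_PREFIX = "#HttpOnly_"   # curl/yt-dlp marker: such lines are cookies, not comments


@dataclass
class AuditReport:
    env_vars: set = field(default_factory=set)       # names read via os.environ / os.getenv
    urls: set = field(default_factory=set)           # http(s) literals in the source
    cookie_flags: set = field(default_factory=set)   # --cookies / --cookies-from-browser
    subprocess_calls: int = 0                        # subprocess.<func>(...) call sites


def _is_name(node, name):
    return isinstance(node, ast.Name) and node.id == name


def _is_os_environ(node):
    return isinstance(node, ast.Attribute) and node.attr == "environ" and _is_name(node.value, "os")


def _const_str(node):
    if isinstance(node, getattr(ast, "Index", ())):  # Python 3.8 wraps subscript slices
        node = node.value
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def audit_source(source: str) -> AuditReport:
    """Walk the AST once; nothing in `source` is executed."""
    report = AuditReport()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Subscript) and _is_os_environ(node.value):
            key = _const_str(node.slice)                       # os.environ["NAME"]
            if key:
                report.env_vars.add(key)
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            func = node.func
            reads_env = (func.attr == "getenv" and _is_name(func.value, "os")) or \
                        (func.attr == "get" and _is_os_environ(func.value))
            if reads_env and node.args:                        # os.getenv("X") / os.environ.get("X")
                key = _const_str(node.args[0])
                if key:
                    report.env_vars.add(key)
            if _is_name(func.value, "subprocess"):
                report.subprocess_calls += 1
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            report.urls.update(URL_RE.findall(node.value))
            report.cookie_flags.update(COOKIE_FLAG_RE.findall(node.value))
    return report


def scope_cookie_file(text: str, allowed_domains=("youtube.com", "google.com")):
    """Keep comment lines and only cookies for allowed_domains or their subdomains.
    Returns (scoped_text, dropped_domains); pass scoped_text to yt-dlp via --cookies."""
    kept, dropped = [], []
    for line in text.splitlines():
        if not line.strip() or (line.startswith("#") and not line.startswith(HTTPONLY_PREFIX)):
            kept.append(line)
            continue
        fields = line.split("\t")
        if len(fields) != 7:      # Netscape format: domain flag path secure expiry name value
            dropped.append("<malformed line>")
            continue
        domain = fields[0]
        if domain.startswith(HTTPONLY_PREFIX):
            domain = domain[len(HTTPONLY_PREFIX):]
        domain = domain.lstrip(".").lower()
        if any(domain == d or domain.endswith("." + d) for d in allowed_domains):
            kept.append(line)
        else:
            dropped.append(domain)
    return "\n".join(kept) + "\n", dropped


# Constructed stand-in for summarize.py; hostnames and tokens are placeholders.
SAMPLE_SCRIPT = '''
import os, subprocess, requests
LLM_API_URL = os.environ.get("LLM_API_URL", "https://llm.example.invalid/v1/chat")
API_KEY = os.getenv("LLM_API_KEY")
GH_TOKEN = os.environ["GITHUB_TOKEN"]
def fetch_metadata(url):
    cmd = ["yt-dlp", "--cookies-from-browser", "chrome", "--dump-json", url]
    return subprocess.run(cmd, capture_output=True, text=True).stdout
def summarize(text):
    return requests.post(LLM_API_URL, json={"text": text},
                         headers={"Authorization": "Bearer " + API_KEY})
'''

# Constructed browser export: two cookies the fetch needs, two it must never see.
SAMPLE_COOKIES = "\n".join([
    "# Netscape HTTP Cookie File",
    ".youtube.com\tTRUE\t/\tTRUE\t1999999999\tPREF\tf6=40000000",
    ".google.com\tTRUE\t/\tTRUE\t1999999999\tSID\tconstructed-session-id",
    "#HttpOnly_.github.com\tTRUE\t/\tTRUE\t1999999999\tuser_session\tconstructed-gh-session",
    ".bank.example\tTRUE\t/\tTRUE\t1999999999\tauth\tconstructed-bank-token",
])

if __name__ == "__main__":
    r = audit_source(SAMPLE_SCRIPT)
    print("env vars:", sorted(r.env_vars), "| URLs:", sorted(r.urls),
          "| cookie flags:", sorted(r.cookie_flags), "| subprocess calls:", r.subprocess_calls)
    print("dropped cookie domains:", scope_cookie_file(SAMPLE_COOKIES)[1])
```

Run the audit against the real summarize.py (`audit_source(open("summarize.py").read())`) and compare the endpoints and variable names it reports with what SKILL.md documents; anything undocumented is the code path to read closely, and a GitHub or gateway token showing up next to an unfamiliar URL is the exfiltration case the scan warns about. Exporting cookies once and scoping the file is preferable to '--cookies-from-browser chrome', which hands yt-dlp the entire live browser jar on every invocation.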
If you want, I can scan the remainder of summarize.py for where LLM/API calls are made (endpoints, headers, and any hardcoded URLs) and highlight exact lines that access cookies or environment tokens.
Tags: bilibili, latest, openclaw, summary, transcript, video, youtube
