Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Onnex YouTube

v4.2.2

YouTube transcripts, 4K downloads, and video exploration. Onnex-owned fork of youtube-ultimate. Security reviewed before install.

0· 275·0 current·0 all-time
by MrT (@mrtlearns) · fork of youtube-ultimate (4.2.2)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (YouTube transcripts, downloads, exploration) match the capabilities of the included script. However, the skill declares no required binaries or environment settings, while the code clearly expects Python libraries (google-api-python-client, youtube_transcript_api, etc.) and an external downloader (yt-dlp) for downloads. Those runtime requirements are not declared in the registry metadata or SKILL.md, which is an inconsistency.
Instruction Scope
SKILL.md and the script's CLI stay within the stated scope (search, transcripts, video details, downloads). The script reads and writes files under the user's home config (~/.config/youtube-skill, ~/.config/gogcli) to store OAuth credentials and token.pickle, and may open a browser for OAuth. It also uses subprocess to invoke yt-dlp for downloads; subprocess usage is expected here, but inspect the actual arguments in the remainder of the script before trusting that the behavior is safe.
Install Mechanism
There is no install specification. The script includes a comment listing Python dependencies, but the skill registry shows no install steps and no required binaries. Because of that mismatch, the agent or runtime may not have the Python packages or yt-dlp available, so the skill could fail or behave unexpectedly. The lack of an explicit install step for fetching dependencies is a deployment risk.
Credentials
The skill requests no environment variables, which is consistent with using local OAuth credentials files. It will create/read ~/.config/youtube-skill and a token pickle to persist OAuth tokens; this is proportional for OAuth behavior but you should be aware tokens are stored on disk. One minor oddity: it looks for credentials also under ~/.config/gogcli — unexpected but not necessarily malicious; clarify why that path is checked.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It persists only its own credentials/token under the user's config directory, which is normal for OAuth flows.
What to consider before installing
This skill's functionality matches its description, but the package metadata omits required runtime items: you need Python packages (google-api-python-client, google-auth-*, youtube-transcript-api) and the yt-dlp binary for downloads. Before installing:
1) review the remainder of scripts/youtube.py to confirm how subprocess/yt-dlp is invoked and that the arguments are safe;
2) ensure you are comfortable with the skill creating and reading files under ~/.config and storing the OAuth token.pickle;
3) install dependencies in an isolated environment (virtualenv or sandbox), or ask the publisher for an install spec; and
4) verify the upstream fork/source (the Onnex ownership and security review claim) if provenance matters.
If you want, I can scan the rest of scripts/youtube.py (the truncated portion) for the exact yt-dlp call and any other subprocess or network usage to reduce uncertainty.


latest: vk97a89rvp5h7z0j53tpxz7xaj18287nc
