Skill v0.10.7-dev

ClawScan security

YouTube Subscription · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 2:10 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's claims, required files/variables, and install method are coherent with a YouTube subscription CLI wrapper and do not request unrelated secrets or elevated persistence.
Guidance
This skill appears coherent with its purpose, but before installing:
(1) inspect the upstream project (https://github.com/eat-pray-ai/yutu) to verify maintainership, recent releases, and issues;
(2) prefer installing via your platform package manager (brew/winget) or a vetted npm registry rather than running unknown binaries;
(3) only supply OAuth credentials with the minimal scopes needed and avoid placing long-lived secrets in global env vars if possible;
(4) keep youtube.token.json in a secure location and consider a dedicated account for automation;
(5) if you need stronger assurance, review the yutu package source code or run it in an isolated environment/container before giving it access to your primary Google account.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions and required items: a yutu CLI plus Google OAuth credentials and a cached token are exactly what a YouTube subscription manager needs.
Instruction Scope
ok: SKILL.md and reference docs only instruct using the yutu CLI and its auth flow (yutu auth). They do not ask the agent to read unrelated files or send data to endpoints outside YouTube/GCP.
Install Mechanism
ok: Install spec references an npm package @eat-pray-ai/yutu which produces the required yutu binary; the README also documents official releases/brew/winget options. No arbitrary download URLs or extract-from-unknown-host installs are used.
Credentials
ok: Required environment variables (YUTU_CREDENTIAL, YUTU_CACHE_TOKEN) and config paths (client_secret.json, youtube.token.json) are directly related to OAuth authorization for YouTube and are proportionate to the stated functionality.
Persistence & Privilege
ok: always is false and the skill does not request elevated system persistence or modify other skills; autonomous invocation is allowed but is the normal platform default and not combined with other concerns here.