v0.10.7-dev

YouTube Watermark

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:06 AM.

Analysis

The skill is coherent, but it gives an agent OAuth-backed ability to change or remove a YouTube channel watermark, so it deserves review before installation.

Guidance: Review this skill before installing if the YouTube channel is personal, business-critical, or public-facing. Use it only with credentials for the intended channel, confirm every set/unset action before execution, and protect or revoke the cached OAuth token when finished.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
references/watermark-set.md
yutu watermark set [flags]

The skill exposes a direct command to change a YouTube channel watermark; the companion unset reference similarly exposes direct removal, and the artifacts do not describe an added confirmation or dry-run step.

User impact: If invoked with valid credentials, the agent can change or remove the watermark shown on a YouTube channel’s videos.
Recommendation: Only install/use this skill if you are comfortable letting the agent perform this channel-management action; require explicit confirmation of the channel ID, file, and intended action before running set or unset.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
references/setup.md
npm i -g @eat-pray-ai/yutu

The skill relies on installing an external global CLI package. This is central to the skill’s purpose, but users should verify the package provenance and version before granting it YouTube credentials.

User impact: The installed yutu CLI will be the component handling OAuth credentials and issuing YouTube API changes.
Recommendation: Install yutu only from a trusted source, prefer pinned/reviewed versions where possible, and keep it updated from the official project.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
requires:
      env:
        - YUTU_CREDENTIAL
        - YUTU_CACHE_TOKEN
      config:
        - client_secret.json
        - youtube.token.json

The skill requires OAuth credential and token material to access the YouTube API. This is expected for the purpose, but it grants delegated access to the user’s YouTube account/channel.

User impact: Anyone or any agent with access to these files or environment variables may be able to act through the authorized YouTube account within the granted scopes.
Recommendation: Use the minimum necessary OAuth scopes, store credential/token files securely, avoid sharing them with unrelated skills, and revoke the token if it is no longer needed.