Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Youtube

v1.0.1

Search YouTube videos, get channel info, fetch video details and transcripts using YouTube Data API v3 via MCP server or yt-dlp fallback.

5· 5.3k·79 current·82 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (YouTube search, channel info, transcripts) align with the actions described (calls to YouTube Data API v3, yt-dlp fallback). Requesting a YOUTUBE_API_KEY and using yt-dlp/npm packages is reasonable for this purpose. However, the registry metadata (no required env vars/bins) contradicts the SKILL.md metadata, which lists YOUTUBE_API_KEY and required bins/npm packages — an incoherence that should be resolved.
Instruction Scope
SKILL.md instructs the agent to call a local MCP server CLI (node dist/cli.js via mcporter) and to fall back to yt-dlp and reading /tmp/*.vtt files. It does not instruct the agent to read unrelated system files or other credentials. The instructions are explicit and scoped to the YouTube task. Note: it encourages cloning and running third-party code which could have hidden behaviors; the instructions themselves do not show exfiltration steps.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md tells users to 'npm install -g zubeid-youtube-mcp-server' (and/or git clone the GitHub repo and build) and to pip install yt-dlp. These are standard package sources (npm, GitHub, PyPI) — not inherently malicious — but installing and running an unvetted third-party MCP server CLI on your machine is a moderate risk because it executes downloaded code locally and could make arbitrary network calls.
Credentials
The only secret the skill needs (per SKILL.md metadata) is YOUTUBE_API_KEY, which is appropriate for YouTube Data API access. But the registry's declared requirements (none) contradict this; the inconsistency weakens trust. The SKILL.md also recommends storing the key in ~/.clawdbot/clawdbot.json — writing a key to a local config file is reasonable but increases the surface if other local code can read that file.
Persistence & Privilege
The skill does not request always:true and is user-invocable; it does not claim to modify other skills or system-wide settings. It does advise installing global npm packages (which modifies the system), but that's expected for a CLI-based integration and not itself excessive privilege.
What to consider before installing
Before installing:
(1) Resolve the metadata mismatch — the registry says no env vars/bins but SKILL.md requires YOUTUBE_API_KEY, yt-dlp, and the zubeid-youtube-mcp-server npm package.
(2) Inspect the zubeid-youtube-mcp-server repository yourself (or ask the maintainer) before npm installing or running its built CLI; running third-party CLI code locally can leak data or call unexpected endpoints.
(3) Prefer creating and using a restricted API key (restrict to YouTube Data API v3 and, if possible, set HTTP referrer or IP restrictions).
(4) Consider running installs and the MCP server in an isolated environment (container or VM) if you don't fully trust the package.
(5) If you want a lower-risk option, use yt-dlp alone for transcripts (no API key required) but note that search/channel listings will need the API key.
(6) If you provide consent to install, monitor network traffic initially or review the package source to ensure it only calls googleapis.com as claimed.


Runtime requirements

Clawdis
Bins: yt-dlp
Primary env: YOUTUBE_API_KEY