transcript
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent YouTube transcript integration, but it requires a TranscriptAPI credential and may help create and persist that key for future use.
This skill appears safe for its stated purpose. Before installing, be aware that it sends YouTube video identifiers or URLs to transcriptapi.com, consumes one credit per successful transcript request, and requires a TranscriptAPI key that the setup guide wants stored persistently. Use an approved secret-storage method and do not provide unrelated account credentials.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may call TranscriptAPI and spend a transcript credit when it decides a YouTube video's spoken content is relevant.
The skill authorizes the agent to invoke the transcript API based on inferred video-content needs, not only explicit transcript requests.
description: "Use when the spoken content of a YouTube video is needed — even if not explicitly requested..."
If credits, privacy of video links, or external calls matter, ask the agent to confirm before using the skill.
The agent may receive and store a TranscriptAPI key and may help complete account signup on the user's behalf.
The setup flow asks the agent to handle a service API key, and optionally to create a TranscriptAPI account using user-provided email and verification code.
If yes, paste your API key and I'll set it up. If not, I can create a free account for you right now
Only proceed if you trust this provider and are comfortable giving the agent the API key, email address, and OTP needed for setup.
The key may remain available to the agent in later sessions until removed or rotated.
The artifact instructs persistent storage of the API key across future sessions, but this persistence is disclosed and directly supports the skill's API use.
Store it persistently using whatever method is correct for this environment... available in future sessions, including non-interactive shells
Store the key in the platform's approved secret manager or environment configuration, avoid plaintext shell profiles when possible, and rotate/remove the key if you stop using the skill.