Youtube Data
v1.4.1Access YouTube video data — transcripts, metadata, channel info, search, and playlists. A lightweight alternative to Google's YouTube Data API with no quota limits. Use when the user needs structured data from YouTube videos, channels, or playlists without dealing with Google API setup, OAuth, or daily quotas.
⭐ 1· 3.2k·4 current·4 all-time
byRohit Das@therohitdas
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (YouTube data via TranscriptAPI) matches the required items: TRANSCRIPT_API_KEY, a node binary, and the OpenClaw config path. None of the required env vars or binaries appear unrelated to the described functionality.
Instruction Scope
SKILL.md instructs only: register (email), verify (OTP), and run the provided node script which calls transcriptapi.com and saves the returned API key to ~/.openclaw/openclaw.json. The instructions do not ask the agent to read unrelated files or exfiltrate other credentials.
Install Mechanism
No install spec; the skill is instruction + a small CLI script. There are no download/install steps or external archives. The included script is executed locally via node and makes network requests to transcriptapi.com.
Credentials
Only TRANSCRIPT_API_KEY is required and declared as the primary credential. No unrelated secrets, multiple credentials, or unexplained environment access are requested.
Persistence & Privilege
always:false and agent invocation allowed by default. The script writes only to the declared config path (~/.openclaw/openclaw.json) and backs it up; it does not request system-wide privilege changes or modify other skills' configs.
Assessment
This skill appears internally consistent: it needs node and a TranscriptAPI key and will contact transcriptapi.com to register/verify and retrieve an API key, which it saves to ~/.openclaw/openclaw.json (backed up first). Before installing, consider: (1) Do you trust transcriptapi.com and its privacy policy? the service is acting as an alternative to Google's API and may scrape or aggregate data differently; (2) The CLI will send your email to the service and will receive an API key — avoid using a sensitive or corporate email if you're unsure; (3) The script will write to your OpenClaw config file — review ~/.openclaw/openclaw.json after use to ensure no unexpected data was added; (4) Network activity is limited to transcriptapi.com endpoints according to the code — if you need stricter isolation, review the script and run in a controlled environment first. Overall, nothing in the package looks disproportionate to the stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk976jps7zn0a06rd01nwjnd3a980zde2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📊 Clawdis
Binsnode
EnvTRANSCRIPT_API_KEY
Config~/.openclaw/openclaw.json
Primary envTRANSCRIPT_API_KEY