Youtube Transcript Api

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only integration for YouTubeTranscript.dev, with expected but noteworthy use of an API key, third-party API calls, optional webhooks, and an optional npm SDK.

Before installing, make sure you are comfortable sharing YouTube video IDs or transcript jobs with YouTubeTranscript.dev, using a service API key, and potentially consuming credits for batch or ASR requests. Treat any optional npm SDK install as third-party code and use only webhook URLs you control.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may ask for and use your YouTubeTranscript.dev API key, which could consume credits or access your account quota.

Why it was flagged

The skill expects use of a service API key, which is sensitive account access even though it is directly related to the transcript API purpose.

Skill content

**Authentication:** Bearer token via `Authorization: Bearer YOUR_API_KEY`

Recommendation

Use a service-specific key, avoid pasting it into unrelated conversations, and revoke or rotate it if exposed.

What this means

Large batch or ASR requests may use paid credits or quota if run without clear user confirmation.

Why it was flagged

The skill documents batch API use, which is aligned with its purpose but can perform many requests and consume service credits.

Skill content

`POST` | `/api/v2/batch` | Extract transcripts from up to 100 videos |

Recommendation

Confirm the video list, source mode, and expected credit cost before running batch or ASR jobs.

What this means

Transcript job results may be delivered to the webhook URL provided, so a wrong or shared URL could expose transcript data.

Why it was flagged

The skill supports sending async ASR results to a webhook URL, which is expected for this workflow but creates an external delivery path for transcript results.

Skill content

`webhook_url` | No | URL for async delivery (required for `source="asr"`)

Recommendation

Use only webhook endpoints you control and consider adding authentication or verification for incoming webhook deliveries.

What this means

Installing the optional SDK would add third-party package code to the local environment.

Why it was flagged

The documentation includes an optional unpinned npm package installation example; it is not automatic and is consistent with the API integration.

Skill content

`npm install youtube-audio-transcript-api`

Recommendation

Install the SDK only if needed, verify the package source, and pin or review the dependency in production projects.