YouTube to Chinese

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its YouTube-to-Chinese purpose, but it can use local browser cookies/session data and an unpinned downloaded yt-dlp binary, so it should be reviewed before use.

Use the skill for public YouTube videos without cookies when possible. If YouTube blocks access, prefer a narrowly exported cookies file over `browser:chrome`, and be aware that cookie access can use your logged-in browser session. Verify or safely install yt-dlp instead of blindly running an unpinned `/tmp` executable.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used, the agent may access browser login/session cookies to download restricted YouTube content, which could expose or misuse account session authority beyond a simple public-video transcription.

Why it was flagged

The skill explicitly supports reading a cookies file or Chrome browser cookies. Browser cookies are local session credentials and the registry declares no required credentials or config paths.

Skill content

For the 3rd argument, pass a cookies file path (`/path/to/cookies.txt`) or `browser:chrome` (read cookies from Chrome)

Recommendation

Only use cookie mode if necessary and with a dedicated/exported YouTube cookies file where possible; avoid granting broad browser-cookie access unless you trust the environment and understand the account access involved.

What this means

A user who follows the command will run a newly downloaded executable, and the exact version/content is not fixed by the skill artifacts.

Why it was flagged

The troubleshooting instructions download the latest yt-dlp executable from GitHub into `/tmp` without pinning a version or verifying a checksum. This is purpose-aligned but has supply-chain risk.

Skill content

curl -sL https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp -o /tmp/yt-dlp && chmod +x /tmp/yt-dlp

Recommendation

Prefer installing yt-dlp through a trusted package manager or verify the downloaded binary/version before use.