Skill v1.0.0

ClawScan security

YouTube Transcript Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 16, 2026, 1:54 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and instructions are consistent with its stated purpose (extracting and analyzing YouTube transcripts). It downloads yt-dlp into the user's home directory if the binary is not already present, but otherwise requests no unexplained credentials or access.
Guidance
This skill appears to do what it says: extract YouTube captions (via yt-dlp) and provide AI-driven analysis. Things to consider before installing: (1) the bundled script may download an executable to $HOME/yt-dlp, mark it executable and then run it; review the script and be comfortable with that persistent change, or run it in a sandbox; (2) the script fetches yt-dlp from GitHub releases, an expected source, but any runtime binary download carries more risk than a purely instruction-only skill, so check whether the script pins a release version and verifies a checksum or simply trusts whatever the URL serves at run time; (3) the skill does not request credentials or access other files, and its code does not exfiltrate data; transcripts from private or age-restricted videos cannot be retrieved, and the tool will surface that limitation; (4) for tighter control, run the script manually first to inspect its behavior, or pre-install yt-dlp yourself so the skill never downloads anything automatically.
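As an added example, not part of the ClawHub scan or of the skill's own files, the following bash script shows the two checks the guidance above asks for: a static scan that flags download-and-execute patterns in a skill script before it is run, and a verified-install helper that only places a binary at a destination such as $HOME/yt-dlp when its SHA-256 digest matches an expected value. The sample script it scans is constructed here to mirror the behavior the review describes (fetch yt-dlp from GitHub releases into $HOME/yt-dlp, chmod +x, run it); its URL, flags and structure are assumptions, not the skill's actual scripts/extract_transcript.sh.

```bash
#!/usr/bin/env bash
# Added example (not ClawHub's scanner or the skill's own code): a pre-install
# check for download-and-execute behaviour in a skill script, plus a verified
# install helper that refuses an unexpected binary. The sample script below is
# constructed to mirror the behaviour the review describes; it is not the
# skill's real scripts/extract_transcript.sh, and its URL and flags are assumed.

# Write the constructed sample script to a temp file and print its path.
make_sample_script() {
  local f
  f="$(mktemp)"
  cat >"$f" <<'EOF'
#!/usr/bin/env bash
set -euo pipefail
YTDLP="$HOME/yt-dlp"
if [ ! -x "$YTDLP" ]; then
  curl -L "https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp" -o "$YTDLP"
  chmod +x "$YTDLP"
fi
"$YTDLP" --write-auto-sub --skip-download "$1"
EOF
  printf '%s' "$f"
}

# scan_script FILE: print one finding per line; return 1 if any signal is found.
# Line-based grep heuristics: enough to flag what a reviewer must read by hand.
scan_script() {
  local f="$1" n=0
  if grep -Eq '(curl|wget)[^|]*(-o|-O|--output)' "$f"; then
    echo "FETCH: downloads a file from the network"; n=$((n + 1))
  fi
  if grep -Eq '(curl|wget)[^|]*\|[[:space:]]*(ba)?sh' "$f"; then
    echo "PIPE_TO_SHELL: pipes remote content into a shell"; n=$((n + 1))
  fi
  if grep -Eq 'chmod[[:space:]]+(\+x|[0-7]*7[0-7]*)' "$f"; then
    echo "CHMOD_EXEC: marks a file executable"; n=$((n + 1))
  fi
  if grep -Eq '\$HOME/|~/' "$f"; then
    echo "HOME_WRITE: touches a path under the user's home (persistent side effect)"; n=$((n + 1))
  fi
  if grep -Eq 'releases/latest' "$f"; then
    echo "UNPINNED: release URL uses 'latest', so the fetched bytes can change between runs"; n=$((n + 1))
  fi
  if grep -Eq '(curl|wget)' "$f" && ! grep -Eq 'sha(256|512)sum|shasum|SHA2-(256|512)SUMS' "$f"; then
    echo "NO_CHECKSUM: download is never verified against a checksum"; n=$((n + 1))
  fi
  [ "$n" -eq 0 ]
}

# count_findings FILE: number of findings, for scripting around the scanner.
count_findings() { scan_script "$1" | wc -l | tr -d ' '; }

# sha256_of FILE: hex digest via coreutils sha256sum or BSD shasum.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1" | cut -d' ' -f1
  else shasum -a 256 "$1" | cut -d' ' -f1; fi
}

# install_verified SRC EXPECTED_SHA256 DEST: the safer counterpart to bare
# download-then-chmod. DEST is written only if SRC hashes to EXPECTED_SHA256,
# so a swapped or tampered download is refused instead of being made executable.
install_verified() {
  local src="$1" expected="$2" dest="$3" actual
  actual="$(sha256_of "$src")"
  if [ "$actual" != "$expected" ]; then
    echo "REFUSED: sha256 mismatch for $src ($actual != $expected)" >&2
    return 1
  fi
  install -m 0755 "$src" "$dest"
}

# Stand-alone demo: scan the constructed sample script.
sample="$(make_sample_script)"
scan_script "$sample" || echo "review required: $(count_findings "$sample") finding(s) in $sample"
```

Point scan_script at the real scripts/extract_transcript.sh before installing. The findings are line-based heuristics, so a clean run is a reason to read the script, not a substitute for doing so. install_verified pairs with a digest taken from a pinned release's published checksum file, never with one computed from the freshly downloaded file itself, which would verify nothing.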

Review Dimensions

Purpose & Capability
ok
Name/description match the included assets: SKILL.md documents transcript extraction and analysis, and the repo contains a script that extracts captions from YouTube. Requiring yt-dlp (downloaded by the script) is coherent with the stated purpose; no unrelated credentials or tools are requested.
Instruction Scope
ok
Runtime instructions are narrowly scoped: run scripts/extract_transcript.sh on a YouTube URL, read the generated transcript, and run analysis. The SKILL.md's fallback mention of web_fetch is reasonable for unavailable transcripts. The skill does not instruct reading arbitrary system files or exfiltrating data.
Install Mechanism
note
There is no package install spec, but the included script will attempt to download a yt-dlp binary from a GitHub releases URL into $HOME/yt-dlp and make it executable. GitHub releases is an expected source, but runtime download-and-execute behavior is a persistent change the user should be aware of.
Credentials
ok
The skill declares no required environment variables or credentials. The script only relies on $HOME (standard) and does not access other secrets or config paths.
Persistence & Privilege
note
The always flag is false and the skill is user-invocable. The only persistent side effect is placing an executable at $HOME/yt-dlp if one is not already present. It does not modify other skills or system-wide agent settings.