YouTube Transcript
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: youtube-transcript
Version: 1.0.1
The skill is classified as suspicious due to its use of `subprocess.run` in `scripts/fetch_transcript.py` to execute system commands like `wg-quick up` and `ip rule add`. These commands manage a WireGuard VPN interface and manipulate network routing, which typically requires elevated privileges and grants significant control over the host system's network configuration. While these actions are plausibly needed for the stated purpose of bypassing YouTube's cloud IP blocks, they represent a high-risk capability that could be abused if the agent's environment has broad permissions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running a transcript request could change the machine’s VPN and routing state, potentially requiring admin privileges and persisting beyond the immediate task.
During ordinary use, the script can invoke privileged network-management commands to bring up WireGuard and add an IP routing rule; no explicit approval, duplicate-rule handling, or teardown is shown.
if not vpn_ok:
    vpn_ok, vpn_msg = bring_up_vpn()
...
subprocess.run(["wg-quick", "up", VPN_INTERFACE], ...)
subprocess.run(["ip", "rule", "add", "from", VPN_SOURCE_IP, "table", "51820"], ...)
Require explicit user confirmation before changing VPN/routing state, declare the required binaries and config path, and provide a clear cleanup or teardown command.
The user’s home IP or residential proxy may be associated with automated YouTube requests and could face rate-limit, reputation, or service-policy consequences.
The skill intentionally routes requests through a residential IP to avoid YouTube cloud-IP/bot-detection blocks, which is an anti-blocking/evasion behavior rather than ordinary API access.
Requests from these IPs get 403/429 errors or bot detection. **Solution:** Route requests through a residential IP via WireGuard VPN to a home router.
Prefer official or normal access paths where possible, and make the residential-routing behavior opt-in with clear disclosure of the operational and account/IP-reputation risks.
A misconfigured or overexposed WireGuard setup could expose home-network access or route more traffic than intended.
The setup uses WireGuard private keys and a home-network endpoint; this is expected for the VPN design, but it is sensitive network access that is not represented in the registry’s credential/config declarations.
PrivateKey = <vps_private_key>
...
Endpoint = <your-home-ip-or-ddns>:51820
AllowedIPs = 0.0.0.0/0
Use a dedicated WireGuard peer/config for this skill, protect private keys, restrict routing as tightly as possible, and document the required config path in metadata.
Future package changes or a compromised dependency could affect what the skill runs locally.
The setup installs Python packages without pinned versions or a lockfile; this is common for a small helper script but leaves dependency provenance/versioning to the user environment.
pip3 install youtube-transcript-api requests
Pin dependency versions, provide a reviewed install specification or lockfile, and install in an isolated virtual environment.
If a user provides an unlisted or sensitive video ID, that ID is shared with an additional third-party service.
In addition to contacting YouTube through the transcript library, the script sends the video URL/ID to noembed.com to get title metadata; this is purpose-aligned but not highlighted in the main skill description.
resp = requests.get(
    f"https://noembed.com/embed?url=https://www.youtube.com/watch?v={video_id}",
    timeout=10
)
Disclose the noembed.com lookup clearly and offer a way to skip external title lookup when handling sensitive or unlisted videos.
