Skill v1.0.2026041402
ClawScan security
video-summarize · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 14, 2026, 2:13 PM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill does what it claims (download subtitles, transcribe with Whisper, summarize) but its installer modifies your system (may install Homebrew, writes to shell profile), it implicitly uses your Chrome browser cookies, and it makes platform assumptions that aren't declared — these behaviors are not fully proportional or declared.
- Guidance: This skill largely implements video→subtitle→transcribe→summarize, but it performs actions you should review before installing: (1) install_dependency.sh will attempt to install Homebrew (via curl of the official installer), add brew to your shell profile (~/.zprofile), install system packages (ffmpeg, whisper-cpp) and pip packages in a virtualenv, and download a Whisper model file; (2) process.sh will use yt-dlp with --cookies-from-browser chrome, which accesses your browser cookies (potentially exposing authenticated content and private cookies); (3) the scripts assume a Homebrew-capable environment (macOS/Linux with brew) despite no OS restriction. Recommendations: inspect the install and process scripts line-by-line; run the install steps manually rather than as a single unattended script; if you don't want the skill to access browser cookies, remove/avoid the --cookies-from-browser option; consider running the skill in an isolated VM/container; and if you are uncomfortable with Homebrew or shell-profile modifications, either do not run the installer or adapt it to your environment (install dependencies yourself and supply the model). If you need a lower-privilege alternative, ask the author to provide a containerized image or clearer, non-invasive install instructions.
Review Dimensions
- Purpose & Capability (note): The declared purpose (video summarization using subtitles or Whisper) matches the scripts: yt-dlp, ffmpeg, and whisper.cpp are used as expected. However the script uses yt-dlp's --cookies-from-browser chrome for YouTube links, which implies reading browser cookies (broader access than 'public videos' claim) and the installer assumes Homebrew is available/appropriate despite no OS restriction in metadata.
- Instruction Scope (concern): Runtime instructions and scripts instruct the agent/user to run install_dependency.sh and process.sh. process.sh invokes yt-dlp with --cookies-from-browser chrome (accesses browser cookies) and reads and writes files under the skill directory; the installer may modify ~/.zprofile. The SKILL.md promises only public videos, but use of browser cookies can access authenticated/region-restricted content — this is scope creep and a privacy risk.
- Install Mechanism (concern): The install script will curl and run the Homebrew installer (raw.githubusercontent.com), install brew packages, write to ~/.zprofile for brew environment, create a virtualenv and pip-install yt-dlp, and curl a model file from a Hugging Face URL. These are traceable sources but are system-changing actions (installer execution, shell profile modification, package installs) and assume a Homebrew-capable environment even though the skill metadata declares no OS restrictions.
- Credentials (concern): No environment variables or config paths are declared, yet the code implicitly accesses browser cookies via yt-dlp (sensitive data) and will alter the user's shell profile to add Homebrew to PATH. Required privileges (ability to install Homebrew and brew packages, modify ~/.zprofile) are not surfaced in the skill metadata.
- Persistence & Privilege (concern): The skill is not always-enabled, but the installer makes persistent changes: it can install Homebrew system-wide and append to ~/.zprofile, create a .venv and download models into the skill directory. These persistent system changes increase blast radius if you install without review.
