YouTube Digest

Extract transcripts, summaries, chapters, and key moments from public YouTube videos without needing an API key.

This skill appears to do what it claims (extract transcripts and generate summaries) but has a couple of red flags you should consider before installing or running it: - Command injection risk: The CLI calls yt-dlp by building shell command strings that include the user-supplied URL. If you or an agent could pass untrusted strings to this skill, a crafted input could execute arbitrary shell commands. Prefer an implementation that uses child_process.spawn with an args array or escapes input properly. - Documentation/dependency mismatch: SKILL.md claims using YouTube's transcript API, but the code uses yt-dlp; package.json includes an npm dependency that isn't used. This looks like sloppy packaging — verify the source and prefer a provenance you trust. - Runtime requirement: yt-dlp must be installed on the host. The script checks for it and exits if missing. Recommendations: 1) Only run this skill in a trusted, sandboxed environment or inspect/modify the code to sanitize inputs before use. 2) If you will accept URLs from external users or other agents, patch the code to avoid shell interpolation (use spawn with an args array or properly escape quotes), or validate/strictly whitelist URLs. 3) Consider removing unused npm dependencies and aligning documentation with actual behavior before using widely. If you want, I can suggest a safe-code patch (example: replace execSync string invocations with spawn or execFile) or produce a checklist to harden/run this skill safely.

Type: OpenClaw Skill Name: yt-digest Version: 1.0.0 The skill utilizes `child_process.execSync` in `src/cli.js` to execute the external `yt-dlp` command with user-provided URLs. While this capability is plausibly needed for the skill's stated purpose of extracting YouTube video information and transcripts, the direct execution of external commands with user input, even when quoted, introduces a potential command injection vulnerability if the URL is maliciously crafted or if `yt-dlp` itself has a vulnerability that could be exploited. There is no clear evidence of intentional malicious behavior such as data exfiltration or persistence, but the use of this high-risk capability warrants a 'suspicious' classification.