Is antoniojps/tubelab-api safe?

https://github.com/openclaw/skills/tree/main/skills/antoniojps/tubelab-api

Score 91/100 · Verdict: SAFE

The tubelab-api skill is a well-structured, documentation-only API client for the TubeLab YouTube analytics service. It contains no prompt injection, no executable code, no git hooks or submodules, and no instructions to access local sensitive files. The canary file reads observed during monitoring pre-date the skill clone and are attributable to the audit framework's own baseline checks; the intact canary integrity report confirms this. The only material concerns are inherent to the design: the TUBELAB_API_KEY is transmitted to the third-party tubelab.net service on every call, and the scan endpoints can consume 50–100 credits per invocation with no per-call confirmation gate.

Category Scores

Category · Score · Weight

Prompt Injection 93/100 · 30%
Data Exfiltration 87/100 · 25%
Code Execution 97/100 · 20%
Clone Behavior 89/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 88/100 · 5%

Findings (4)

LOW API key sent to third-party commercial endpoint on every call -9

Every API operation transmits TUBELAB_API_KEY to public-api.tubelab.net. This is the intended design, and the key is scoped to the TubeLab service, but users should be aware that the key leaves their environment on each agent-initiated call. Use a dedicated key that can be rotated or revoked independently, and keep it out of agent transcripts and logs.

LOW Unconfirmed per-call credit expenditure -5

The skill documents that search endpoints cost 5–10 credits and scan endpoints cost 50–100 credits per invocation. Because the skill instructions include no per-call confirmation prompt, an agent running in a loop could spend the account's remaining credits in a handful of scan calls before a user notices.
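One way to mitigate both LOW findings on the caller's side is to wrap the skill's API calls in a gate that reserves the documented maximum cost before each call, requires explicit confirmation for scan endpoints, and redacts the key from anything that is logged. The following is an added example written for this audit page, not code from the tubelab-api skill or from TubeLab. Only the credit ranges (search 5–10, scan 50–100) come from the audit; the path prefixes, the X-API-Key header name, the credits_used response field, the transport callable and the confirmation hook are assumptions for illustration.

```python
"""Budget- and confirmation-gated wrapper for a credit-metered API.

Added example for this audit, not code from the tubelab-api skill or from
TubeLab. Only the credit ranges (search 5-10, scan 50-100) come from the
audit; the path prefixes, the header name, the `credits_used` response
field and the transport callable are assumptions for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Callable

# Per-call credit ranges as documented by the audit. The upper bound is
# reserved before each call so a session can never overshoot its budget.
COST_RANGES: dict[str, tuple[int, int]] = {"search": (5, 10), "scan": (50, 100)}


class BudgetExceeded(RuntimeError):
    pass


class ConfirmationRequired(RuntimeError):
    pass


def classify(path: str) -> str:
    """Assumption: the first path segment names the endpoint category."""
    category = path.strip("/").split("/")[0].lower()
    if category not in COST_RANGES:
        raise ValueError(f"unknown endpoint category in {path!r}")
    return category


def mask_key(key: str) -> str:
    """Redact the key for logs and agent transcripts; only the transport sees it."""
    return f"{key[:4]}...{key[-2:]}" if len(key) > 10 else "***"


@dataclass
class GatedClient:
    api_key: str
    send: Callable[[str, dict[str, str]], dict]  # assumed transport: (path, headers) -> JSON
    budget: int                                  # credits this session may spend
    confirm: Callable[[str, int], bool]          # asked before every scan: (path, max_cost)
    spent: int = 0
    log: list[str] = field(default_factory=list)

    def call(self, path: str) -> dict:
        category = classify(path)
        _, max_cost = COST_RANGES[category]
        if self.spent + max_cost > self.budget:
            self.log.append(f"DENY {path}: {self.spent}+{max_cost} > budget {self.budget}")
            raise BudgetExceeded(path)
        if category == "scan" and not self.confirm(path, max_cost):
            self.log.append(f"DENY {path}: scan not confirmed")
            raise ConfirmationRequired(path)
        # The key is sent to the remote service on every call (the audit's first
        # finding); it travels in the header only and never reaches the log line.
        resp = self.send(path, {"X-API-Key": self.api_key})  # header name assumed
        charged = int(resp.get("credits_used", max_cost))     # field name assumed
        self.spent += charged
        self.log.append(f"OK {path} cost={charged} key={mask_key(self.api_key)}")
        return resp


def demo() -> tuple[int, list[str]]:
    """Run the gate against a constructed offline transport; returns (spent, log)."""
    # Constructed stand-in for the remote service: charges the low end of each range.
    def fake_send(path: str, headers: dict[str, str]) -> dict:
        assert headers["X-API-Key"].startswith("tl_"), "key must reach the transport"
        return {"ok": True, "credits_used": COST_RANGES[classify(path)][0]}

    approved = {"scan/competitors"}  # scans the operator pre-approved for this session
    client = GatedClient(
        api_key="tl_live_0123456789abcdef",  # constructed sample key
        send=fake_send,
        budget=120,
        confirm=lambda path, cost: path in approved,
    )
    for path in ["search/channels", "scan/outliers", "scan/competitors", "scan/competitors"]:
        try:
            client.call(path)
        except (BudgetExceeded, ConfirmationRequired):
            pass  # denied calls are recorded in client.log
    return client.spent, client.log
```

The gate reserves the documented maximum cost before each call and then charges the actual amount the response reports, so the budget check is conservative even when the service bills at the low end of the range. A second scan of the same path is refused once the remaining budget cannot cover a worst-case 100-credit charge, and the only trace of the key in the log is its masked form.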

INFO Canary file reads attributed to audit framework, not skill 0

Canary files were read once before the skill was cloned and again after install, a pattern consistent with the audit framework's pre- and post-install baseline operations rather than with anything in the skill. The integrity check confirms that no canary file was modified and no canary content was exfiltrated.

INFO No executable code, install scripts, hooks, or submodules present 0

The skill package contains only skill.md and _meta.json. No package.json, no git hooks, no .gitattributes filters, no symlinks, no submodules, and no binary payloads were found.