Automic VaultAutomic Vault

brew

Install yutu with Homebrew, winget

MCP server and CLI for YouTube. Version 0.10.9 via Homebrew; verified 2026-06-21.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install yutu

local Homebrew formula metadata

Windows

Windows Package Managerverified · 92%
winget install --id eat-pray-ai.yutu -e

Windows Package Manager source index · eat-pray-ai.yutu · source: cdn.winget.microsoft.com

overview

Package summary

MCP server and CLI for YouTube

Commands and aliases

  • yutu

history

Project history and usage

yutu is a Go-based CLI, MCP server, and AI-agent toolkit for YouTube workflows. Its README positions it around uploading and optimizing videos, managing comments, playlists, captions, thumbnails, analytics-related APIs, and channel operations through both command-line and agent interfaces.

Project history

The GitHub repository was created in May 2023. By the 2026 README, the project had expanded beyond a simple YouTube utility into a combined CLI, MCP server, skill, and agent package distributed through GitHub releases, Homebrew, WinGet, npm, Docker, and Go install workflows.

The project sits in the post-MCP tooling wave: the README foregrounds its MCP server and agent modes, with Google OAuth setup as the prerequisite for delegated YouTube operations.

Adoption history

Public GitHub metadata showed hundreds of stars by July 2026, making it visible but still young compared with long-lived YouTube automation tools. Its adoption signal is mostly in packaging breadth and AI-tooling integration rather than long historical deployment.

How it is used

Users create a Google Cloud project, enable YouTube APIs, download OAuth desktop credentials as client_secret.json, run yutu auth, and then use the generated youtube.token.json for later commands. The README also documents environment variables for overriding credential and token paths.

Practical use cases include YouTube upload automation, metadata and playlist management, comment operations, caption and watermark tasks, and exposing these capabilities to MCP clients or the project's own agent mode.

Why package nerds care

yutu is notable as an example of a media CLI being repackaged for agentic workflows. It is not just a YouTube uploader; in package-index terms it shows how command-line tools are becoming MCP servers and agent backends while still needing ordinary package-manager distribution.

Timeline

  • 2023-05-20: GitHub repository is created.
  • 2026: README describes yutu as a CLI, MCP server, skill, and AI agent for YouTube workflows.
  • 2026-07-02: GitHub metadata shows active repository updates on the day of this enrichment run.

Related projects

  • YouTube Data API v3 is the required Google API for core yutu operations.
  • YouTube Analytics API and YouTube Reporting API are optional APIs named by the README for extended workflows.
  • MCP clients are a target integration surface for yutu's server mode.

security posture

Risk level: blue

broad file, network, media, or database tool signal.

Risk classifier

blue risk · medium confidence · tool

Why

  • broad file, network, media, or database tool signal

Signals

  • text:server

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
client_secret.jsonyoutube.token.json

executables

Installed executables

CommandKindExposureNote
yutucliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.10.9
manager updated2026-06-21
local dataok
upstreamcurrent
latest detectedv0.10.9

https://github.com/eat-pray-ai/yutu

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:yutu
Version0.10.9
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/yutu
Homepagehttps://yutu.ifor.dev
Repositoryhttps://github.com/eat-pray-ai/yutu
Upstream docshttps://github.com/eat-pray-ai/yutu#readme
LicenseApache-2.0
Source archivehttps://github.com/eat-pray-ai/yutu/archive/refs/tags/v0.10.9.tar.gz
Last updated2026-06-21T13:01:05Z
Pulseupdated
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameyutu
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

winget95%

eat-pray-ai.yutu

winget install --id eat-pray-ai.yutu -e
  • normalized package name match
  • Matched by: Yutu
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: eat-pray-ai.yutu from https://cdn.winget.microsoft.com/cache/source.msix

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment