I ran a bare email through it, with just the text of the GTUBE string in it, and it doesn't seem to trip the system at all. I note in 20_body_tests.cf the following:
body GTUBE /"elided, to keep everyone's email from going bonkers..."/ describe GTUBE Generic Test for Unsolicited Bulk Email tflags GTUBE userconf noautolearn
You can quote the rule.. it doesn't match due to the escape sequences needed for perl parsing.:
body GTUBE /XJS\*C4JDBQADN1\.NSBN3\*2IDNEN\*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL\*C\.34X/
You need to drop all the \'s from that string to match.
There's also a top-bar link on the spamassassin website called GTUBE which has the tag in un-escaped format.
http://spamassassin.apache.org/gtube/
