Skill v0.1.0
ClawScan security
Movie Subtitle Viewer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 10, 2026, 12:50 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly does what it says (search/download/parse OpenSubtitles subtitles) but there are several inconsistencies and missing pieces (registry metadata doesn't declare required credentials, some referenced files are absent), so treat it as untrusted until those are clarified.
- Guidance: This skill appears to implement an OpenSubtitles client and subtitle parser, which is coherent with its description — but there are several mismatches and missing files you should watch for before installing:
  - Credentials: The code expects OPENSUBTITLES_API_KEY, OPENSUBTITLES_USERNAME, and OPENSUBTITLES_PASSWORD in the environment, but the registry metadata lists no required env vars. Do not supply credentials until you confirm where and how they will be stored. Prefer creating a dedicated API key/account with least privilege.
  - Workspace writes: Downloaded subtitle files are saved into the workspace. If that workspace is backed up or synced, sensitive data could be persisted. Consider the storage location and clean-up policy.
  - Missing/unused files: SKILL.md and README reference a movie_summary.py and scripts/movie_viewer.py that are not present; the summary-generation step is not included in the bundle. Ask the author for the missing files or updated documentation.
  - Dependency handling: The package lists python-dotenv but code doesn't load it; verify how you will provide env vars (system env vs .env file). Avoid committing .env files with real credentials.

  If you want to proceed: (1) ask the maintainer to fix the registry metadata to declare required env vars and to provide the missing summary code, (2) run the code in a sandbox or isolated environment, and (3) avoid reusing high-value credentials — create a separate OpenSubtitles account/API key for testing.
Review Dimensions
- Purpose & Capability (note): The code and SKILL.md behavior (searching OpenSubtitles, downloading .srt/.ass, parsing via pysubs2) align with the declared purpose. However the registry metadata claims no required env vars/credentials while both SKILL.md and subtitle_client.py clearly require OPENSUBTITLES_API_KEY, OPENSUBTITLES_USERNAME, and OPENSUBTITLES_PASSWORD — that registry omission is an inconsistency that should be corrected.
- Instruction Scope (concern): Runtime instructions and code explicitly read OpenSubtitles credentials from environment variables and save downloaded subtitle files into the workspace. The SKILL.md also references higher-level features (generating summaries) and files (movie_summary.py, scripts/movie_viewer.py) that are not present in the package — the missing components and the discrepancy between declared and actually-used env vars are scope/integrity concerns. The instructions do not ask for unrelated system files, but they do rely on environment variables that the registry didn't list.
- Install Mechanism (note): There is no install spec (instruction-only from platform perspective) but a requirements.txt is included and README suggests pip installing pysubs2, requests, and python-dotenv. This is low-to-moderate risk; no arbitrary remote downloads or extract steps are present. One minor inconsistency: python-dotenv is listed but the code does not call dotenv.load_dotenv (it expects env vars to be set), and README/SKILL.md reference files (.env.example) that are not in the bundle.
- Credentials (concern): The environment variables required by the code (OPENSUBTITLES_API_KEY, OPENSUBTITLES_USERNAME, OPENSUBTITLES_PASSWORD) are appropriate for accessing OpenSubtitles, but the registry metadata does not declare them (primaryEnv is none). That mismatch could cause users to miss that credentials are needed. The skill will store downloaded subtitle files in the workspace — consider whether you want API credentials and downloaded files in that environment.
- Persistence & Privilege (ok): The skill does not request always:true and it does not attempt to modify other skills or system-wide configuration. It writes subtitle files to the workspace (normal for this function) but does not request elevated or persistent platform privileges.
