ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

短视频脚本创作

v1.0.0

Short video script generator. 短视频脚本生成器、视频脚本、抖音文案、抖音脚本、快手脚本、口播稿、视频拍摄脚本、YouTube脚本、YouTube Shorts脚本、B站脚本、bilibili脚本、分镜脚本、视频大纲、视频文案、短视频创作、Reels脚本、TikTok脚本、vlog脚本...

0· 26·0 current·0 all-time
by@admirobot
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (短视频脚本创作) match the shipped files and commands: Python and Bash templates generate hooks, titles, outlines, storyboards, and examples. No unrelated credentials, cloud SDKs, or unexpected binaries are required.
Instruction Scope
SKILL.md directs the agent to run local scripts (scripts/video-script.sh etc.) and the code only prints/generates script text. The runtime instructions and code do write/read files under a dedicated data directory but do not access system secrets or external endpoints.
Install Mechanism
No install spec or remote downloads. The skill is instruction‑plus‑script only; code executes locally (Python3 and Bash). No network installs or archive extraction are present.
Credentials
No required environment variables or credentials. Scripts accept an optional VIDEO_SCRIPT_DIR env var to change their data directory (reasonable for a tool that saves scripts). No SECRET/TOKEN/KEY requests are present.
Persistence & Privilege
The scripts create and use a local data directory (default: $XDG_DATA_HOME or $HOME/.local/share/video-script-creator), saving scripts and appending history.log. This is expected for a content‑creation tool but does create persistent files in the user's home area.
Assessment
This skill appears to do what it claims: generate short‑video scripts from local templates. Before installing/running: (1) verify you are comfortable with the tool creating files under $XDG_DATA_HOME or ~/.local/share/video-script-creator (saved scripts and history.log); (2) confirm python3 and bash are available; (3) inspect the shipped scripts (they are short and readable) if you want to be extra cautious; (4) no network calls or secrets are requested, so there is no obvious exfiltration risk. If you need zero persistence, run the scripts from a disposable environment or set VIDEO_SCRIPT_DIR to a location you control (like a temporary folder).

Like a lobster shell, security has layers — review code before you run it.

latestvk979qn1wv02p730zjqrcjn1pxd845mvq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments