ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gemini Video Analyzer

v1.0.0

Native video analysis using Google Gemini API. Upload and analyze video files — describe scenes, extract text/UI, answer questions about content, transcribe...

0· 331·0 current·0 all-time
by@aiwithabidi
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say: upload video and analyze via Google Gemini. The included scripts call generativelanguage.googleapis.com, use the GOOGLE_AI_API_KEY, and perform upload/analysis/cleanup — these are coherent. One minor mismatch: the metadata and requires list python3 and curl, but the shipped scripts only call python (urllib). curl is not used anywhere in SKILL.md or the code, so declaring it as required is unnecessary.
Instruction Scope
SKILL.md and the scripts instruct only to read the user-supplied video file and the declared GOOGLE_AI_API_KEY, upload to Google's Files API, poll for processing, and request analysis. There are no instructions to read unrelated host files, secrets, or to send data to third-party endpoints outside the stated Google API domain. The skill will transmit whole video files to Google's servers (expected for this purpose) and may leave them for up to 48 hours per the docs.
Install Mechanism
This is instruction-only with bundled Python scripts and no install spec — nothing is downloaded from arbitrary URLs and no packages are installed automatically. Risk from install mechanisms is low.
Credentials
Only the GOOGLE_AI_API_KEY is required (declared as the primary credential), which is appropriate for accessing Google Generative Language Files API. No unrelated credentials or secrets are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide configs, and is user-invocable. It runs only when invoked and uses the provided API key for network calls — typical and proportionate.
Assessment
This skill appears to do what it says: it uploads videos to Google's generativelanguage Files API and asks Gemini to analyze them. Before installing or using it, consider the following: (1) Privacy: videos are uploaded to Google and may be retained up to ~48 hours — do not upload sensitive or regulated content unless your policy allows it. (2) API key scope: use a minimally privileged API key, monitor/rotate it, and be aware requests may incur costs; test with small files first. (3) Implementation notes: the scripts send the API key as a query parameter and load entire video files into memory (file_data = f.read()), which can use large amounts of RAM for big files and may fail for very large uploads; you may prefer chunked/resumable uploads and passing credentials via secure headers. (4) Minor inconsistency: the skill declares curl as a required binary but never uses it; that's harmless but unnecessary. (5) Trust & provenance: the homepage is listed but source author is not a known official Google package — you already have the full scripts in the skill bundle (no obfuscated code), so review them if you need to be extra cautious. If you plan to use it in production, consider auditing/patching the upload logic (streaming/chunking, avoid exposing keys in logs/URLs) and limit the API key's permissions and quota.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🎬 Clawdis
Binspython3, curl
EnvGOOGLE_AI_API_KEY
Primary envGOOGLE_AI_API_KEY
latestvk975kkvwfj4tey0t7jse8xkhws829qcr
331downloads
0stars
1versions
Updated 1h ago
v1.0.0
MIT-0
@aiwithabidi
latest
Download

Gemini Video Analyzer

Analyze videos natively using Google Gemini's multimodal API. No frame extraction needed — Gemini processes video at 1 FPS with full motion, audio, and visual understanding.

Quick Start

# Analyze a video with default prompt (full description)
GOOGLE_AI_API_KEY=$GOOGLE_AI_API_KEY python3 {baseDir}/scripts/analyze.py /path/to/video.mp4

# Ask a specific question
GOOGLE_AI_API_KEY=$GOOGLE_AI_API_KEY python3 {baseDir}/scripts/analyze.py /path/to/video.mp4 "What text is visible on screen?"

# Manage uploaded files
GOOGLE_AI_API_KEY=$GOOGLE_AI_API_KEY python3 {baseDir}/scripts/manage_files.py list
GOOGLE_AI_API_KEY=$GOOGLE_AI_API_KEY python3 {baseDir}/scripts/manage_files.py cleanup

Supported Formats

MP4, AVI, MOV, MKV, WebM, FLV, MPEG, MPG, WMV, 3GP — up to 2GB per file.

How It Works

  1. Video uploads to Google's Files API (temporary, auto-deletes after 48h)
  2. Gemini processes at 1 frame/sec — understands motion, transitions, audio context
  3. Model generates response based on your prompt
  4. Way better than frame extraction for understanding temporal content

Use Cases

TaskExample Prompt
General description(default — no prompt needed)
UI/text extraction"What text and UI elements are visible?"
Tutorial summary"Summarize the steps shown in this tutorial"
Bug report from video"Describe what went wrong in this screen recording"
Meeting notes"Summarize the key points discussed"
Content comparisonUpload 2 videos, ask for differences

Configuration

Set GOOGLE_AI_API_KEY in your environment or .env file. Get a free key at aistudio.google.com.

Default model: gemini-2.5-flash (fast, cheap, excellent vision). Override with --model gemini-2.5-pro for complex analysis.

API Reference

See references/gemini-files-api.md for file upload limits, processing details, and advanced options.

Credits

Built by M. Abidi · LinkedIn · YouTube · GitHub · Book a Call

Comments

Loading comments...