OpenStoryline Install
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to be a coherent local installer, but users should review its system install commands, API-key configuration, and long-running local services before using it.
Before using this skill, confirm you trust the FireRed-OpenStoryline repository, approve any sudo or package-manager commands, protect API keys placed in config.toml, and keep the MCP/web services bound to localhost unless you intentionally need external access.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may install system packages on the user's machine.
The skill documents privileged OS package installation for missing prerequisites. This is expected for an installer, but it changes the user's system and should be explicitly approved.
sudo apt-get update sudo apt-get install -y ffmpeg wget unzip
Approve privileged package-manager commands only after confirming the packages and package manager are appropriate for your system.
The installation depends on the behavior of the upstream repository and its scripts.
The skill tells the agent to clone an external project, install its dependencies, and run its download script. This is central to installing from source, but it executes code and scripts outside the reviewed skill artifact.
git clone https://github.com/FireRedTeam/FireRed-OpenStoryline.git ... .venv/bin/python -m pip install -r requirements.txt ... bash download.sh
Use a trusted checkout, review upstream install scripts when possible, and run the setup in a controlled project directory.
Provider API keys may be written into a local config file and used by the installed application.
The skill instructs configuration of LLM/VLM provider API keys and mentions optional provider keys. This is expected for the application, and there is no artifact evidence of leakage, but it involves sensitive credentials.
.venv/bin/python scripts/update_config.py --config ./config.toml --set llm.api_key=sk-REPLACE_WITH_REAL_KEY
Use least-privilege keys where available, avoid sharing config.toml, and rotate keys if they are exposed.
The application may keep local service ports open while it is running.
The skill starts local MCP and web services. This is disclosed and purpose-aligned, and the instructions prefer 127.0.0.1, but local services can expose an interface to other local tools or agents.
Start MCP and web servers ... These are long-running processes ... PYTHONPATH=src .venv/bin/python -m open_storyline.mcp.server
Keep services bound to localhost unless external access is truly needed, and stop the processes when you are done.