v1.0.7

Subtitle Generator

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:56 AM.

Analysis

The subtitle-generation function is mostly purpose-aligned, but it needs review because it auto-installs unpinned packages, gives broad cleanup/process-control instructions, and can overwrite or delete local files.

Guidance: Install only if you are comfortable with first-run dependency installation into ~/.whisper-venv and local file writes. Run it on files/directories where overwriting an existing .srt/.vtt or audio.wav would not be harmful, and prefer a version that pins dependencies and scopes cleanup to known temporary files.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
engines/__init__.py
result = subprocess.run([str(pip_path), "install", "-r", str(requirements_path)], ...)

At runtime the skill can create a persistent virtual environment and install dependencies automatically; requirements.txt lists unpinned packages, so the installed code can change without a pinned provenance trail.

User impact: First use may download and run third-party package code on the user's machine without a separate install review step.
Recommendation: Pin dependency versions, declare the install mechanism in metadata, and ask the user before first-run installation.
Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
After the task finishes (process exit code 0 or an error), **the related processes must be killed** ... clean up the temporary files in `/tmp`

The mandatory workflow tells the agent to kill related processes and clean /tmp, but does not define exact process IDs or skill-owned file paths.

User impact: A broadly interpreted cleanup step could terminate unrelated work or remove unrelated temporary files.
Recommendation: Limit cleanup to the specific spawned process ID and explicitly named skill-created temp files.
Cascading Failures
Severity: Medium | Confidence: High | Status: Concern
subtitle/processor.py
def _extract_audio(... output_audio: str = "audio.wav") ... .overwrite_output() ... audio_path.unlink(missing_ok=True)

The audio extraction uses a fixed filename in the current working directory, overwrites it, and deletes it afterward.

User impact: If an unrelated audio.wav exists in the working directory, it may be overwritten and deleted during subtitle generation.
Recommendation: Use a unique temporary directory/file via tempfile and avoid overwriting existing subtitle outputs without confirmation.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/main.py
notify_msg = f"【字幕生成完成】\n文件:{result_path.name}\n条数:{processor.last_segment_count}\n路径:{result_path}"

Completion notifications include the generated file name and local path, which are passed through the OpenClaw event/message flow.

User impact: Local file paths or private filenames may be sent to the user's connected chat platform as part of the completion notification.
Recommendation: Use notifications only when this path information is acceptable, or reduce notifications to a minimal status message.