Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Greek Reel Video Editor

v1.0.0

Edit a raw talking-head video into a polished short-form reel with Greek karaoke subtitles. Trims silence, adds Manrope Bold subtitles, zoom effects, SFX, an...

by Artemis Leonardou (@artemisln)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose (edit a talking-head video with karaoke subtitles) matches the runtime instructions (ffmpeg, Whisper, Pillow, cairosvg). However the declared metadata lists no required binaries/env/configs while the SKILL.md and README clearly require ffmpeg, ffprobe, Python 3.10+, and Python packages (openai-whisper, Pillow, cairosvg), plus the Manrope font and bundled audios. This mismatch between declared requirements and actual instructions is an incoherence.
Instruction Scope
Instructions ask the agent to run ffprobe/ffmpeg, run Whisper locally, read the video's parent directory and skill base directory for audios/images, and search system/user font directories (or download Manrope). Accessing local files and fonts is necessary for the stated task, but the skill also tells the user to auto-download font assets if missing — users should verify download sources. The SKILL.md assumes bundled audios/ files exist, but the provided package lacks them, which alters runtime behavior.
Install Mechanism
There is no declared install spec (instruction-only), but the README and SKILL.md instruct pip installs and expect ffmpeg to be present. Relying on user-run pip/ffmpeg is reasonable for this kind of tool, but the lack of an explicit install spec in the registry combined with instructions that fetch packages is a mild risk: the user will need to run external installs (pip) and potentially download fonts/assets.
Credentials
The skill requests no environment variables or credentials (good). It does, however, require filesystem access to the input video, the video's parent directory (images/, audios/), and system font directories — this is proportionate to the task but worth noting because the skill may read arbitrary local files during processing. No external endpoints or secrets are requested.
Persistence & Privilege
The skill does not request always:true and does not ask to modify other skills or agent-wide config. Autonomous invocation is allowed (platform default) but there are no elevated persistence or privilege claims in the package.
What to consider before installing
This skill's editing steps are coherent for a local video editor, but there are notable inconsistencies you should resolve before using it:
1) The skill metadata claims no required binaries or bundled files, yet the instructions require ffmpeg/ffprobe, Python packages (openai-whisper, Pillow, cairosvg), and bundled SFX/Manrope font. Expect to manually install ffmpeg and pip packages.
2) The registry copy does not actually include the audios/ folder the README references — confirm whether the publisher intended to bundle those SFX or whether you must supply them.
3) The skill will read files from the video directory and search system font folders (or download fonts) — if you have sensitive files in those locations, run the tool in a safe/sandboxed environment.
4) Verify the source (there's no homepage) and prefer installing from a trusted repository (e.g., the author's GitHub).
If you proceed, run the pip/ffmpeg commands yourself (inspect before running), and preview the transcript edits before the skill auto-applies them.

Like a lobster shell, security has layers — review code before you run it.

latestvk97419sjq6zxd1yxtfnd1kzvr9842q8s
