ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Record screen, microphone or camera from macOS terminal

v0.2.0

macOS CLI tool to record microphone audio, screen video or screenshot, and camera video or photo from the terminal with device listing and output control.

5· 1.4k·7 current·7 all-time
by@atacan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and SKILL.md describe a CLI for audio/screen/camera capture and the documented commands, options, and permission notes match that purpose. There are no requested environment variables, credentials, or config paths that don't relate to recording.
Instruction Scope
The runtime instructions stay within the stated scope: how to run subcommands, list devices, choose outputs, and handle macOS privacy permissions. The guide explicitly requires user consent before recording and advises using --duration for non-interactive runs, reducing scope creep.
Install Mechanism
There is no formal install spec in the skill bundle (instruction-only), which is low risk. The SKILL.md suggests 'brew install atacan/tap/record' — a third-party Homebrew tap. That recommendation is reasonable for a CLI tool but carries trust risk if users blindly run the command; verify the tap and inspect the package source before installing.
Credentials
The skill requires no environment variables, credentials, or config paths. All options relate directly to recording (device selection, output path, formats). There is no unexplained request for secrets or unrelated service access.
Persistence & Privilege
The skill does not request persistent presence (always:false) and has no installable components in the bundle. It does not modify other skills or system-wide settings. Normal autonomous invocation is allowed by platform default but not raised by the skill itself.
Assessment
This skill is internally consistent with a macOS recording CLI and does not ask for unrelated credentials. Before installing or running anything mentioned here: (1) do not run the brew install line without verifying the Homebrew tap (atacan/tap) and inspecting its package/source code, (2) ensure you explicitly grant terminal privacy permissions only if you trust the binary, (3) always confirm with the user before recording (the SKILL.md correctly recommends this), and (4) if an agent will run the tool autonomously, limit invocation to explicit, user-approved tasks to avoid accidental recordings.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f2v97zy2b7svx9y7qhwgrf580rf1r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments