Skill v1.0.0
ClawScan security
Nm Scry Vhs Recording · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 20, 2026, 4:01 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with a tool that validates and runs VHS tape files to produce terminal-recording GIFs; it does not request unrelated credentials or install arbitrary code itself, but running tapes will execute whatever commands the tape contains so caution is required.
- Guidance: This skill appears to do what it claims, but be careful: VHS tape files contain commands that vhs will execute on the host. Before running a tape, review its contents for dangerous commands (network calls like curl/nc/scp, git pushes, rm, sudo, data reads) and for directives that change PATH/HOME or write files. Avoid using --publish on tapes that include sensitive output (publishes to a public endpoint). Use vhs validate and dry runs, run untrusted tapes inside an isolated environment (container/VM) with limited filesystem permissions, and keep Go/bin paths and dependency installs under your control. The scanner found no code artifacts to analyze (instruction-only), which reduces static signals; inspect tape files themselves before execution.
Review Dimensions
- Purpose & Capability (ok): Name/description (VHS terminal recordings → GIF outputs) align with the instructions: the SKILL.md describes validating a tape file, checking for the vhs binary, and invoking vhs to produce GIFs. The declared metadata requests no unrelated credentials or binaries.
- Instruction Scope (note): The runtime instructions legitimately require reading and validating the tape file and invoking the vhs tool. However, vhs executes the commands embedded in tape files (including Set Env, cd, and arbitrary command lines), and the skill also documents publishing (--publish) to vhs.charm.sh. These behaviors are expected for a recorder but create a host-execution/data-leakage risk if tapes are untrusted or contain sensitive outputs.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or bundled downloads. The SKILL.md recommends standard install commands (go install, brew, package managers) for external dependencies, which is proportionate and expected.
- Credentials (ok): The skill does not request environment variables, credentials, or config paths. The documentation references modifying environment inside tape files (Set Env) and PATH guidance, which is appropriate for a tool that spawns a terminal session but requires user attention since tapes can modify environment for the recorded session.
- Persistence & Privilege (ok): Skill flags are default (not always:true), and no persistent installation or modification of other skills is indicated. Autonomous invocation is allowed by platform default but not otherwise privileged by this skill.
