Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AI短视频脚本生成器 (AI Short-Video Script Generator)
v1.0.0 · AI short-video script generation tool. Supports multiple platforms and durations, automatically generates a complete plan (hook, shots, copy, BGM, CTA), and supports script management. Each call is charged 0.001 USDT.
⭐ 0 · 132 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The code and SKILL.md align with the advertised purpose (script generation, per-call payment, script storage). However, the skill declares no required environment variables or primary credential, while both SKILL.md and scripts/app.py include hardcoded API keys (SkillPay and SiliconFlow). That is an inconsistency: the skill actually depends on external billing and AI services but does not declare those credentials as required.
Instruction Scope
Runtime instructions and app code stick to generating scripts, saving them to a local SQLite DB, and interacting with two external services (SkillPay billing and SiliconFlow AI). They do not read arbitrary local files or system config, but the before_request middleware triggers billing calls on most endpoints (automatic charge verification), so even routine requests can cause outbound network calls and billing activity.
Install Mechanism
No install spec (instruction-only with included code) — minimal installation risk. The skill ships runnable Flask code (no external download/install steps are hidden).
Credentials
Although declared 'required env vars: none', the code contains hardcoded secrets: SKILLPAY_API_KEY in SKILL.md and app.py and SILICONFLOW_API_KEY in scripts/app.py. These are sensitive and should not be embedded in distributed code. The skill will make network calls using those keys and will attempt to charge users unless TEST_MODE is enabled. The presence of plaintext credentials and automatic billing is disproportionate to a benign, local script generator and is a clear risk.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill does not request system-wide privileges or modify other skills. It runs a local Flask server and writes to a local SQLite DB (data/scripts.db), which is expected for script management.
Scan Findings in Context
- [hardcoded_skillpay_api_key_in_SKILL_md] expected: SKILL.md exposes a SkillPay API key (sk_d11f398e77...) — a payment integration needs a key, but embedding it in the skill manifest is unsafe and inconsistent with 'required env vars: none'.
- [hardcoded_siliconflow_api_key_in_source] expected: scripts/app.py contains SILICONFLOW_API_KEY (sk-ggfjeh...) used to call an external AI API. Using an API key is expected, but it should be supplied via secure configuration (an environment variable) rather than hardcoded.
- [automatic_billing_in_before_request_middleware] expected: The Flask before_request check will call SkillPay /charge for most endpoints and block requests until payment is verified. This is coherent with the pay-per-use claim, but it means the skill triggers network billing calls automatically — important to know before running.
What to consider before installing
Key points to consider before installing or running this skill:
- Hardcoded secrets: The repository contains plaintext API keys for SkillPay and SiliconFlow. Although both are used for expected functions (billing and AI), hardcoded keys are unsafe. Do not run this code unless you either replace those keys with your own and keep them secret, or modify the code to read keys from environment variables.
- Automatic billing: By default TEST_MODE is False. The application will call the billing API in a before_request hook and may attempt to charge the user for most endpoints. If you test, set TEST_MODE=True or inspect/replace the billing key and endpoints first.
- Network calls to external services: The skill will contact skillpay.me and api.siliconflow.cn. Verify those services are trustworthy for your use case and that you want your prompts/data sent to them.
- Local persistence: The app writes scripts to data/scripts.db in the skill directory. Make sure you are comfortable storing generated content locally and that file permissions are appropriate.
- Remediation suggestions: Ask the author to remove secrets from code and declare required env vars (or do it yourself). Prefer environment-based configuration for API keys, enable TEST_MODE for local testing, and review/rotate any exposed keys. If you don't trust the embedded keys or the payment provider, do not run the skill; instead host the code locally with your own credentials in environment variables.
- If unsure: run the code in an isolated sandbox or container, monitor outbound network traffic, and inspect billing calls before providing real payment credentials.
Tags: ai, generator, latest, monetization, script, short-video
