ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI Short Video Script Generator Pro

v1.0.0

AI Short Video Script Generator, support TikTok/YouTube Shorts/Instagram Reels, auto generate hook, shots, voiceover, subtitles, BGM, CTA. $0.005 USDT per use.

0· 191·1 current·1 all-time
by@baolige2023
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The code implements an AI short-video script generator and a payment flow, which matches the skill description. Using an external model API and a billing service is coherent with the stated purpose. However the skill embeds its own provider/billing credentials instead of declaring required credentials (no requires.env), which is an unexplained design choice.
!
Instruction Scope
SKILL.md describes the user-facing flow but does not clearly disclose that user inputs (topics/platform/duration) will be sent to a third-party AI provider (https://api.siliconflow.cn) and that billing calls go to https://skillpay.me. The runtime code transmits user content to those external endpoints and also stores scripts locally in a sqlite DB; the documentation omits these privacy/telemetry details.
Install Mechanism
There is no install spec (instruction-only style with shipped code). Nothing downloads arbitrary archives or executes an installer. Risk comes from bundled code and its network behavior rather than an installer.
!
Credentials
The repository declares no required environment variables, yet the code contains hard-coded secrets: SKILLPAY_API_KEY, SILICONFLOW_API_KEY and a fixed Flask SECRET_KEY. Requiring no credentials in metadata while shipping active API keys is inconsistent and risky (exposed secrets can be abused, and user data will be sent using those keys).
!
Persistence & Privilege
The skill persists generated scripts to a local sqlite database under data/scripts.db and uses a hard-coded Flask SECRET_KEY. More seriously, the app is run with debug=True and host='0.0.0.0' in main(), which can expose the Flask interactive debugger and allow remote code execution if reachable — a high-risk default for a networked service.
What to consider before installing
This skill mostly does what it says, but there are several red flags you should consider before installing or running it: - Hard-coded secrets: The code includes embedded API keys (SkillPay and SiliconFlow) and a fixed Flask SECRET_KEY. These keys may be real and could be abused by whoever controls the endpoints. Prefer skills that require you to provide your own API keys via environment variables. - Data exfiltration / privacy: User inputs (topic, platform, duration) are sent to https://api.siliconflow.cn and billing calls go to https://skillpay.me. The SKILL.md does not clearly disclose this. If your prompts contain sensitive info, it will be transmitted to those third parties under the embedded keys. - Billing & costs: The skill charges per use via SkillPay.me. Confirm the billing provider is legitimate and that the hosted billing endpoint is what you expect. The code may redirect users to a payment URL returned by SkillPay. - Unsafe defaults: The main script runs Flask with debug=True and binds to 0.0.0.0 — this can expose an interactive debugger and enable remote code execution if the service is reachable. Do not run this in a networked or production environment without changing debug=False and binding to localhost or behind proper authentication. - Local persistence: Generated scripts are stored under data/scripts.db. If that matters for privacy or compliance, plan where the data is stored and who can access it. Recommendations before using/installing: 1. Review and remove hard-coded API keys. Replace them with environment variables and require the user to supply their own provider and billing credentials. 2. Set app.config['SECRET_KEY'] from an env var, and run Flask with debug=False and a safe host binding. 3. Audit the external endpoints (siliconflow.cn, skillpay.me) for legitimacy and privacy policy. Understand what data they log/retain. 4. If you cannot audit or control the keys and endpoints, avoid running the skill with real or sensitive prompts — treat it as untrusted remote execution. 5. If you decide to run it, consider running in an isolated environment (no public network exposure) and inspect network traffic to confirm behavior. Given the embedded secrets, external network calls, and unsafe debug setting, I classify this as suspicious rather than outright malicious — it may be sloppy/insecure engineering, but the inconsistencies materially increase risk.

Like a lobster shell, security has layers — review code before you run it.

aivk97d8j9wd3hadmd358e7tccjss83h09sinstagram-reelsvk97d8j9wd3hadmd358e7tccjss83h09slatestvk97d8j9wd3hadmd358e7tccjss83h09smonetizationvk97d8j9wd3hadmd358e7tccjss83h09sscriptvk97d8j9wd3hadmd358e7tccjss83h09sshort-videovk97d8j9wd3hadmd358e7tccjss83h09stiktokvk97d8j9wd3hadmd358e7tccjss83h09syoutube-shortsvk97d8j9wd3hadmd358e7tccjss83h09s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments