Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CinePrompt

v1.1.0

Build CinePrompt video prompts and share links without a browser. Converts natural language shot descriptions into structured CinePrompt state, generates pro...

0 · 313 · 0 current · 0 all-time
by CinePrompt@belafontelabs
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's name/description (build CinePrompt prompts and create share links) aligns with the included create-share-link.js which posts a prompt/state to a Supabase endpoint to create a share link. That network activity is expected for this feature. However, the registry metadata declares no required environment variables or primary credential, yet the code expects CINEPROMPT_API_KEY or CINEPROMPT_SERVICE_KEY — an inconsistency between claimed requirements and actual code.
Instruction Scope (!)
SKILL.md instructs the agent to construct state JSON and call a CLI (cineprompt build). The included script create-share-link.js will accept state via stdin or args and then make network calls to the hardcoded Supabase URL. The SKILL.md does not explicitly document that the agent or user must set CINEPROMPT_API_KEY or CINEPROMPT_SERVICE_KEY environment variables, nor does it warn that the API key will be forwarded to the Supabase RPC. The script will also accept a service key (described as 'internal/owner use only') if present — that allows higher-privilege direct inserts if someone sets that variable.
Install Mechanism
There is no install spec (instruction-only skill), so nothing will be automatically downloaded/installed. The repository includes local scripts but no remote install instructions that pull arbitrary archives or untrusted binaries. The SKILL.md references installing an npm package named 'cineprompt', which is not provided in the skill bundle — users should verify the npm package separately before running it.
Credentials (!)
The code reads CINEPROMPT_API_KEY and CINEPROMPT_SERVICE_KEY from environment variables, but the skill metadata lists no required env vars or primary credential. CINEPROMPT_API_KEY is expected for normal user-authenticated RPC use (reasonable), but CINEPROMPT_SERVICE_KEY grants direct-insert privileges into the Supabase table: this is a high-privilege secret, and the skill neither declares it nor explains its owner-only usage clearly. The script also embeds and uses a hardcoded Supabase 'anon' key for RPC calls, and it forwards whatever API key you supply to the backend RPC. This undeclared credential requirement and the presence of an owner/service key path are the main proportionality concerns.
Persistence & Privilege
The skill is not marked always:true and has normal invocation settings. It does not request to modify other skills or agent config. There is no install step that writes persistent system-wide binaries in the bundle. The main privilege concern is the potential presence of a service key in the environment if the user (or operator) sets it.
What to consider before installing/using this skill
- The included create-share-link.js will send prompt/state data to a specific Supabase instance (https://jbeuvbsremektkwqmnps.supabase.co). If you provide a CINEPROMPT_API_KEY, that key will be passed to the remote RPC to create the share link. Only supply keys you trust the service with.
- The skill metadata declares no required environment variables, but the script expects CINEPROMPT_API_KEY (user API key) or CINEPROMPT_SERVICE_KEY (an internal/service key). Do NOT set or expose any internal/service keys (CINEPROMPT_SERVICE_KEY) unless you control the backend and understand the risk: that key can perform higher-privilege direct inserts.
- The SKILL.md suggests installing an npm package named 'cineprompt'; that package is not included in this bundle. If you plan to follow that path, inspect the npm package contents and publisher identity before installing globally.
- If you want to use this skill safely: prefer the user-authenticated RPC path (supply only a personal CINEPROMPT_API_KEY), inspect create-share-link.js yourself, and avoid exposing any service-level secrets. If the author updates the skill metadata to explicitly declare CINEPROMPT_API_KEY as a required credential (and marks CINEPROMPT_SERVICE_KEY as owner-only and not used by general installs), that would reduce the incoherence.
- If you cannot confirm the publisher or do not want to send prompt/state data to the hardcoded Supabase instance, do not run the included script; use a trusted upstream CinePrompt client or the official website instead.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/create-share-link.js:38: environment variable access combined with network send.
- (!) scripts/create-share-link.js:29: file read combined with network send (possible exfiltration).


latest: vk979yw13cz2ythg7rndgrdbv8s83494k
