OpenSubtitles Read-only

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly aligned with read-only subtitle lookup, but its local subtitle reader enforces the cache directory with a string-prefix check only, which path traversal or a symlink can bypass to read unintended local files.

Review this skill before installing. Its OpenSubtitles API use is expected for the stated purpose, but the local subtitle file reader should be fixed to enforce the cache directory using canonical paths. Until then, only run it on trusted subtitle paths inside the skill cache and keep OpenSubtitles credentials out of shared logs or chat responses.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or mistaken file path could cause the agent to read and display a local file outside the intended subtitle cache, for example through a '../' component after the cache prefix or a symlink placed inside the cache, even when the path looks like an ordinary .srt file.

Why it was flagged

The script checks only whether the supplied path string starts with the cache directory before reading it. Because it neither canonicalizes the path nor rejects symlinks, a path that contains '../' after the cache prefix, or a symlink inside the cache that points elsewhere, passes the check and bypasses the intended cache-only boundary.

Skill content
if [[ "$srt_file" != "$cache_dir"/* ]]; then
  echo "Error: subtitle file must be inside $cache_dir" >&2
  exit 1
fi
...
awk ... "$srt_file"
Recommendation

Resolve the requested file and the cache directory with realpath (or readlink -f), compare the canonical paths with a trailing slash so that a sibling directory sharing the prefix cannot match, and reject symlinks and paths that fail to resolve before passing the file to awk.
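The following script is an added example and is not code from the skill or from ClawScan. It places a prefix-only check equivalent to the skill's test next to a hardened check that follows the recommendation above, and runs both over a constructed fixture (a cache directory with a legitimate subtitle, a nested subtitle, a symlink pointing outside the cache, and a secret file outside it). It assumes GNU coreutils realpath (the -e flag) and mktemp -d are available; the function and file names are illustrative.

```shell
#!/bin/sh
# Added example, not the skill's own code. Assumes GNU coreutils realpath.

# Weak check: the same string-prefix test the skill performs. A path like
# "$cache_dir/../secret" or a symlink inside $cache_dir passes it.
weak_check() {
  local cache_dir="$1" srt_file="$2"
  case "$srt_file" in
    "$cache_dir"/*) return 0 ;;
    *) return 1 ;;
  esac
}

# Hardened check: reject a symlink as the final component, require a regular
# file, resolve both the file and the cache directory to canonical paths,
# and compare with a trailing slash so "/cache2" cannot match "/cache".
strict_check() {
  local cache_dir="$1" srt_file="$2" real_cache real_file
  real_cache=$(realpath -e -- "$cache_dir" 2>/dev/null) || return 1
  if [ -L "$srt_file" ]; then return 1; fi
  [ -f "$srt_file" ] || return 1
  real_file=$(realpath -e -- "$srt_file" 2>/dev/null) || return 1
  case "$real_file" in
    "$real_cache"/*) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed fixture for the demo (hypothetical names): a cache directory
# holding a legitimate subtitle, a nested one, a symlink pointing outside
# the cache, and a secret file outside it. Prints the fixture root.
make_fixture() {
  local root
  root=$(mktemp -d) || return 1
  mkdir -p "$root/cache/sub"
  printf '1\n00:00:01,000 --> 00:00:02,500\nHello\n' > "$root/cache/movie.srt"
  printf '1\n00:00:03,000 --> 00:00:04,000\nNested\n' > "$root/cache/sub/ep2.srt"
  printf 'not a subtitle\n' > "$root/secret.txt"
  ln -s "$root/secret.txt" "$root/cache/evil.srt"
  printf '%s\n' "$root"
}

# Run both checks over the fixture and print a verdict per path. Returns 0
# when the weak check admits both bad paths and the strict check rejects
# them while still accepting the legitimate subtitles.
demo() {
  local root cache f w s rc
  root=$(make_fixture) || return 1
  cache="$root/cache"
  rc=0
  for f in "$cache/movie.srt" "$cache/sub/ep2.srt" \
           "$cache/../secret.txt" "$cache/evil.srt"; do
    if weak_check "$cache" "$f"; then w=pass; else w=reject; fi
    if strict_check "$cache" "$f"; then s=pass; else s=reject; fi
    printf '%-24s weak=%-7s strict=%s\n' "${f#"$root/"}" "$w" "$s"
  done
  weak_check "$cache" "$cache/../secret.txt" || rc=1
  weak_check "$cache" "$cache/evil.srt" || rc=1
  strict_check "$cache" "$cache/../secret.txt" && rc=1
  strict_check "$cache" "$cache/evil.srt" && rc=1
  strict_check "$cache" "$cache/movie.srt" || rc=1
  strict_check "$cache" "$cache/sub/ep2.srt" || rc=1
  rm -rf "$root"
  return "$rc"
}

demo
```

The symlink test on the final component is deliberate even though realpath -e would already resolve it: it makes the rejection explicit and independent of where the link points, so a symlink that happens to target another file inside the cache is still refused, matching the "reject symlinks" part of the recommendation.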

What this means

The agent may handle your OpenSubtitles API key, username/password, or token, and download-link requests can consume your account quota.

Why it was flagged

The skill needs OpenSubtitles credentials and optional account login/token data to access provider APIs and request download links. This is expected for the integration, but it is still account authority that should be protected.

Skill content
Required env vars:
- `OPENSUBTITLES_API_KEY`
- `OPENSUBTITLES_USER_AGENT`

Optional (for downloads):
- `OPENSUBTITLES_USERNAME`
- `OPENSUBTITLES_PASSWORD`
- `OPENSUBTITLES_TOKEN`
Recommendation

Use the least-sensitive credential the task needs (the API key alone for lookups; username/password or a token only when downloads are required), avoid pasting secrets into chat, do not share command outputs that contain tokens, and revoke or rotate any credential that is exposed.