Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Videogen

v2.0.1

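Automated AI short-video production pipeline for WeChat Channels (v2). Triggered when the user says "make a video", "generate a video", "short video production", or "video remix". Supports automatic switching between three content modes (Mode A: pure informational content / Mode B: story + popular science / Mode C: comic-drama style). Uses MiniMax Hailuo AI to generate video clips, mixes them with FFmpeg, and outputs, suitable for publishing on WeChat Channels, a complete...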

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to orchestrate TTS, AI video (MiniMax Hailuo / IMA), and FFmpeg mixing — which legitimately requires API keys and binaries (python, ffmpeg, node/npm). However the registry metadata declares no required environment variables and 'required binaries: none'. That's inconsistent: the pipeline clearly needs external API keys (MiniMax / IMA) and local tools (python, ffmpeg, pip, possibly node) to function.
! Instruction Scope
SKILL.md instructs the agent to run multiple Python scripts (run_pipeline.py, url_extractor.py, tts_harness.py, generate_video.py) and ffmpeg commands, to fetch and scrape web pages (WeChat / Zhihu / generic webpages), call external AI services (Hailuo / IMA), optionally install and run Whisper, and to read/write local files (minimax-output/, normalize_patches.json, clips, slides). These actions go beyond a 'simple helper' and include network calls and local file writes that are not declared in the metadata.
Install Mechanism
There is no install spec (instruction-only in metadata) but the bundle contains many code files, Python scripts, and npm package-lock.json files. Running the pipeline will likely require installing Python deps (pip), npm packages (remotion), and system binaries (ffmpeg). The package-lock references a non-default mirror (http://mirrors.tencentyun.com) in resolved fields — not necessarily malicious but notable because it differs from standard registries and uses http URLs in the lockfile.
! Credentials
SKILL.md documents explicit API key formats (MiniMax keys starting with 'sk-cp-' and IMA keys 'ima_') and describes rate limiting and error codes; yet registry metadata lists no required env vars or primary credential. Requesting API keys for external video/TTS services is reasonable for the stated purpose, but failing to declare them in the skill metadata is a mismatch and a transparency problem. The skill will transmit user content to third‑party APIs (Hailuo/IMA/possibly Whisper) — users should assume that any input (links/text) will be sent to those external services.
Persistence & Privilege
The skill does not request 'always: true' and does not claim to modify other skills. It writes and reads files inside its working tree (minimax-output/, normalize_patches.json) which is normal for a pipeline that caches artifacts. There is no evidence it attempts to persist agent-wide configuration or escalate privileges; still, it will store generated artifacts and patches locally by design.
What to consider before installing
Things to consider before installing or running this skill:
- Metadata mismatch: The SKILL.md clearly requires external API keys (MiniMax Hailuo and optional IMA) and local tooling (python, ffmpeg, node/npm, pip packages), but the registry metadata lists none. Treat the absence of declared env vars/binaries as a red flag — ask the author to declare required credentials and system prerequisites explicitly.
- Data exposure: The pipeline will send input content (text, webpage content, possible images) to third‑party services (Hailuo, IMA, Whisper/OpenAI if enabled). Only run it with accounts/keys you trust and that are scoped appropriately; avoid using high‑privilege or production API keys.
- Run in a sandbox: Because the package contains many scripts and will execute arbitrary python and shell commands and call ffmpeg, run it in an isolated environment (container, VM) with limited network and filesystem access until you review the code you will execute (notably scripts/v2/*.py and skills/minimax-multimodal/scripts/video/generate_video.py).
- Inspect the largest scripts: review run_pipeline.py, tts_harness.py, generate_video.py, url_extractor.py to confirm which external endpoints they call, how they source API keys (env vars vs config files), and what they log or upload. Look for hardcoded endpoints, telemetry, or unexpected uploads.
- Verify package sources: npm lockfile entries resolve to a Tencent mirror (http://mirrors.tencentyun.com). If you plan to npm install, prefer using official registries (https://registry.npmjs.org) or verify the integrity hashes before trusting those archives.
- Ask the author for clarifications you need: an explicit list of required environment variables and their names, exact endpoints used by generate_video.py, whether any secrets are written to disk or transmitted to other services, and a minimal safe run recipe (e.g., a dry‑run mode that does not call external APIs).

