Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Video Generator
v0.1.0
AI video production workflow using Remotion. Use when creating videos, short films, commercials, or motion graphics. Triggers on requests to make promotional...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The stated purpose (programmatic video production with Remotion) reasonably explains the use of Remotion, npm, and exposing a dev server for preview. However, the SKILL.md mandates use of Firecrawl (a scraping API) and a Cloudflare tunnel script located at skills/cloudflare-tunnel/scripts/tunnel.sh — neither the API key nor these helper scripts/tools are declared in the skill metadata. Requesting a website-scraping service and a public tunnel is plausibly related to the purpose, but the undeclared requirements and the reliance on out-of-repo scripts make the manifest incoherent.
Instruction Scope
The instructions direct the agent to perform website scraping for brand data, download arbitrary assets (favicon, OG image, screenshots), run npm installs and npx scaffolds, start a background dev server, and call a cloudflare-tunnel script to expose localhost. These steps involve network access, arbitrary external downloads, and exposing a local port — operations that go beyond just generating video files and could expose local resources or transmit data. The SKILL.md also references TOOLS.md and other scripts that are not present, giving the agent broad, ambiguous discretion.
Install Mechanism
There is no install spec (instruction-only), which reduces the immediate disk-write risk from a packaged installer. However, the runtime instructions tell the agent to run commands that fetch and execute remote code (npx create-video, npm install, curl to arbitrary URLs, and an external tunnel script). Because the skill relies on out-of-skill scripts and network fetches, the effective install/run surface is higher than the manifest suggests.
Credentials
The SKILL.md states 'MANDATORY: Use Firecrawl' and instructs setting FIRECRAWL_API_KEY in a .env file, but the skill's declared requirements list zero environment variables and no primary credential. That mismatch is a clear incoherence. Additionally, the workflow implies broad network and file-system access (downloading assets into the project, exposing a tunnel), which are disproportionate relative to the metadata and which should be explicitly declared and justified.
Persistence & Privilege
The skill does not set always:true and does not request persistent privileges in the registry metadata. Autonomous model invocation is allowed by default (disable-model-invocation:false), which is normal; this by itself is not flagged. The runtime steps do instruct running long-lived background processes and opening a public tunnel, but those are transient runtime actions rather than registry-level persistence.
What to consider before installing
This skill's instructions include website scraping, downloading assets, running npm/npx commands, and starting a public tunnel — all actions that can expose local data or transmit information externally. Before installing or using it:
1. Ask the author for the missing manifests: which environment variables (FIRECRAWL_API_KEY) and helper scripts are required, and why they were not declared.
2. Inspect the referenced scripts (skills/cloudflare-tunnel/scripts/tunnel.sh, scripts/firecrawl.sh, TOOLS.md); do not run them until you have reviewed their contents.
3. If you must test, run the workflow in an isolated environment (VM or container) with no access to sensitive files or credentials.
4. Prefer a dedicated Firecrawl API key with limited scope, or a test key, and avoid putting any unrelated secrets in .env.
5. If you cannot review the scripts or confirm the source, do not expose your machine via the tunnel; render locally and deliver the files securely instead.
The mismatch between SKILL.md and the declared metadata is a significant red flag; proceed only after clarification and code review.
