Skillv1.0.0

ClawScan security

Trio Vision · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 10, 2026, 1:55 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requests and runtime instructions are consistent with its stated purpose (calling a video-analysis API); the main risks are privacy/cost tradeoffs from sending streams/frames to an external service and using webhooks, not unexplained credentials or installs.
Guidance: This skill appears to do what it says: it wraps a third‑party Vision API and needs a single API key. Before installing, confirm you trust Trio/machinefi (https://trio.machinefi.com) because using the skill will send frames/clips and stream URLs to their servers. Be cautious with private RTSP/local URLs (they may expose your LAN streams) and with the include_frame option or webhooks — these can deliver image data to external endpoints. Use a scoped or rotateable API key if possible, do not paste the key publicly, review Trio's privacy policy, and test first with non‑sensitive streams. Also verify expected costs (monitoring is billed per minute) and ensure any webhook endpoints you provide are trusted. If you want, I can show the exact curl calls the skill will run or help draft a safer test workflow (short runs, low-resolution frames, no include_frame) to validate functionality without exposing sensitive video.

Review Dimensions

Purpose & Capability: okName/description match the behavior: the SKILL.md instructs the agent to call Trio's REST API to analyze live streams. The only required credential is TRIO_API_KEY and required binaries are curl or python3 (used to POST/parse JSON), which are proportional and expected for a REST-wrapping, SKILL.md-only skill.
Instruction Scope: noteThe instructions consistently tell the agent to POST stream URLs and natural-language conditions to Trio's API and to handle job lifecycle (check/cancel/list). Important runtime behaviors are explicit: frames/clips may be uploaded to Trio, include_frame can return base64 images, and webhooks/SSE can deliver events to arbitrary endpoints. This is coherent with the product but creates privacy/data-flow considerations: user-provided stream URLs (including RTSP on a LAN) and image frames will be transmitted to an external service (trio.machinefi.com) and/or potentially to user-specified webhook endpoints. The SKILL.md does not instruct the agent to read or exfiltrate other local files or env vars beyond TRIO_API_KEY.
Install Mechanism: okNo install spec and no code files — it's SKILL.md-only. That is low-risk: nothing is downloaded or written to disk by the skill itself.
Credentials: okOnly one environment variable is required (TRIO_API_KEY) and it is the primary credential for the service being called. No unrelated secrets or config paths are requested.
Persistence & Privilege: okThe skill is not marked always:true and does not request persistent system-wide changes. Autonomous invocation (default) is expected for skills and is not, by itself, a misalignment here.