Skill v3.7.4
ClawScan security
Douyin Video Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 1:01 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are coherent with its stated purpose: it downloads Douyin videos, extracts frames/audio, and sends selected media to Zhipu (open.bigmodel.cn) for analysis. The main risk is the expected privacy/exfiltration of media to that third party.
- Guidance: This skill appears to do what it says, but note these important considerations before installing or using it:
  - Privacy/data exfiltration: The skill explicitly uploads selected keyframes (Base64) and audio segments to Zhipu (open.bigmodel.cn). Only give a ZHIPU_API_KEY you trust and avoid sending media you cannot share with that service (sensitive/personal content, copyrighted material, or data covered by legal/contractual restrictions).
  - Costs and rate limits: Remote API calls (vision + ASR) can incur cost or rate limits. Confirm your ZHIPU account, quotas, and billing implications.
  - Installation downloads: Running the provided install (npx playwright install --with-deps chromium) and installing npm deps will download large browser binaries and packages. Run in an environment with sufficient disk space and bandwidth.
  - Run in a sandbox: Because this package executes downloads and shell commands (ffmpeg, yt-dlp, child_process usage), test it first in an isolated VM or container if you have any doubt about running code from an unknown source.
  - Inspect scripts before use: If you want more assurance, open scripts/analyze.js and verify it only orchestrates the listed modules and that no additional remote endpoints are contacted beyond open.bigmodel.cn and the normal scraping/downloading endpoints.
  - Alternatives: If you need purely local analysis, do not set ZHIPU_API_KEY and modify the code to skip remote analysis (or inspect/implement a local-only path) to avoid uploading media.

  If you want, I can help locate the exact lines where uploads happen, suggest a minimal local-only change, or produce a checklist of commands to run this in a container safely.
Review Dimensions
- Purpose & Capability (ok)
  Name/description match implementation: modules for URL resolving, scraping (Playwright), downloading (yt-dlp/HTTP), ffmpeg-based frame/audio extraction, and calls to Zhipu AI. Required binaries (ffmpeg, yt-dlp, node) and the single required env var (ZHIPU_API_KEY) are reasonable and expected for the stated functionality.
- Instruction Scope (note)
  SKILL.md and the code explicitly state that selected keyframes and audio segments are uploaded to Zhipu (open.bigmodel.cn) for analysis; that behavior is implemented in ai-analyzer.js and audio-processor.js. This is within the declared scope but is a clear privacy/data-flow concern: user media (frames/audio) are transmitted off-host. There are no instructions or code paths that access unrelated credentials or unexpected system areas.
- Install Mechanism (note)
  Registry metadata indicated no install spec, but SKILL.md includes an 'install' exec step (npx playwright install --with-deps chromium). The repository contains package.json / package-lock.json (Playwright and other npm deps). The install approach is standard (npx/npm) but will download Playwright browsers (large binaries) and npm packages; there is no opaque remote archive or short URL. Users should expect network downloads during install.
- Credentials (ok)
  Only ZHIPU_API_KEY is required and is directly used to authenticate calls to open.bigmodel.cn for both vision and audio transcription APIs. No other credentials or unrelated env vars are requested. The single secret requested is proportional to the declared third-party API usage. Reminder: any key you provide grants that service access to submitted media.
- Persistence & Privilege (ok)
  The skill does not request always:true and contains no code that alters other skills or global agent configs. It's a normal user-invocable skill that runs when executed; it cleans up temporary files in temp/ according to the code and SKILL.md.
