Skill v1.0.0
ClawScan security
Find Reference Video via Frameset · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 7, 2026, 4:11 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions mostly match its stated purpose (search frameset.app and fetch original video links) but there are inconsistencies around execution requirements (it tells the agent to run yt-dlp and perform browser hover/click actions yet declares no required binaries or install steps), so the package lacks proportional declarations and operational clarity.
- Guidance: This skill appears to do what it says (search frameset.app, show screenshots, get original YouTube/Vimeo links, and optionally download). However: (1) the SKILL.md expects the agent to run yt-dlp and perform browser hover/click/screenshot actions but the package does not declare yt-dlp or any browser automation dependency; ask the publisher to explicitly list required binaries (yt-dlp) and the browsing/automation capability (Playwright/Selenium or a platform browser tool). (2) Confirm that your agent environment has outbound network access and permission to write to ~/Downloads, and that yt-dlp is trusted/installed from a reputable source. (3) Be aware this skill downloads media: ensure you have rights/permission before downloading copyrighted content. If the publisher updates the skill to list required tools and installation steps, the inconsistencies would be resolved and my assessment would be more positive.
Review Dimensions
- Purpose & Capability (concern): The skill's described purpose is to find reference frames and fetch original YouTube/Vimeo links and optionally download videos. The SKILL.md explicitly requires running yt-dlp for downloads and performing browser interactions (hover, click, screenshot). However, the skill metadata declares no required binaries, no install steps, and no capabilities (e.g., browser automation), a mismatch between what the skill instructs and what it declares as required.
- Instruction Scope (ok): The runtime instructions stick to the declared intent: search frameset.app, show screenshots to the user for selection, follow collection pages to get original links, list them, and optionally download chosen videos. The instructions do not request unrelated system credentials or other sensitive files. They do require taking screenshots and writing downloads to ~/Downloads, which is within scope but should be explicitly documented.
- Install Mechanism (concern): There is no install spec even though the skill explicitly calls a third-party tool (yt-dlp) for downloads. The absence of a declared dependency or guidance on ensuring yt-dlp and a browser automation capability are present is a gap: the skill may fail at runtime or an agent may attempt to run commands that aren't available. Instruction-only skills are low-risk when they accurately describe needed tools; here they do not.
- Credentials (note): The skill requests no environment variables or credentials, which is appropriate. It does instruct saving files to ~/Downloads and performing network requests to frameset.app / youtube.com / vimeo.com. These actions require filesystem write and outbound network access but no secrets; this is reasonable for the stated purpose, but should be disclosed to users and documented.
- Persistence & Privilege (ok): The skill does not request persistent presence (always: false) and does not modify other skills or system-wide settings. Allowing autonomous invocation is the platform default and is not a unique concern here.
