Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fitness Recipes AI
v1.0.0
AI tool that creates viral fitness recipe videos with AI-generated images, voiceovers, renders, and optional TikTok auto-posting.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description claim a video-generation pipeline using fal.ai, ElevenLabs, Shotstack and optional TikTok posting — the code does implement those components. However there are mismatches: several files call ffmpeg and Pillow (PIL) but SKILL.md only instructs `pip install requests`. _meta.json lists required env vars but create_videos.py embeds a hardcoded ElevenLabs API key and uses an absolute OUTPUT_DIR (/Users/...), while other files use Path.home()/clawd. The skill asks for no required binaries in registry metadata but relies on ffmpeg and cron examples, which is inconsistent.
Instruction Scope
SKILL.md instructs setting FAL/ELEVENLABS/SHOTSTACK env vars and a simple pip install of requests. The code, however, reads env vars in some modules but also hardcodes a secret in create_videos.py. The instructions don't document required system binaries (ffmpeg) or Python packages (Pillow). Some modules attempt network requests to external services and write to the user's home directory and to hardcoded paths; daily_batch.py suggests running as root in a cron entry. There are also TODOs and placeholder implementations in several files, and one module (fal_client.py) contains a malformed JSON payload line (syntax error), indicating the skill's runtime behavior is inconsistent with the documentation.
Install Mechanism
This is an instruction-only skill (no installer) which is lower risk from arbitrary downloads. However, the code writes files beneath the user's home dir and expects external system tools (ffmpeg) and packages (Pillow) that are not declared. Missing installation guidance for binaries is a usability and safety concern (scripts call ffmpeg via subprocess).
Credentials
SKILL.md and _meta.json declare FAL_API_KEY, ELEVENLABS_API_KEY, and SHOTSTACK_API_KEY (plus optional POSTIZ). Those env vars are appropriate for the described integration, but create_videos.py embeds an explicit ElevenLabs API key in source — a clear secret leak and inconsistency (some files use env vars, one file ignores them). The hardcoded key is disproportionate and dangerous: if it's valid, it exposes an account and allows unauthorized use; even if stale, embedding secrets in source is insecure. The number of env vars is reasonable for the purpose, but credential handling is sloppy.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable. It does suggest adding a cron job (daily_batch) which is a user action; this is not an automatic privilege escalation by the skill itself.
Scan Findings in Context
[hardcoded_secret_in_code] unexpected: create_videos.py contains a hardcoded ElevenLabs API key (ELEVENLABS_API_KEY = "sk_64a3d7..."). This contradicts the documented environment-variable approach and is a high-risk secret leak if the key is valid.
[undeclared_binary_and_dependency_usage] unexpected: Multiple files call ffmpeg via subprocess and fal_client.py/create_videos.py use Pillow and other libraries, but SKILL.md only asks to `pip install requests` and registry metadata lists no required binaries. The skill's runtime requires more dependencies than documented.
[hardcoded_absolute_paths] unexpected: Some files use absolute paths (/Users/g0atface/... and cron entry pointing at /root/...), while other files use Path.home()/clawd. Hardcoded root/user paths are unexpected and may cause accidental writes to privileged locations if run under different accounts.
[syntax_or_logic_errors] unexpected: fal_client.py contains a malformed payload fragment (`"height": 1280, # 9:16 vertical for TikTok
format }`) which is a syntax error and will break runtime execution. Several functions are TODO stubs—skill is not consistently implemented.
What to consider before installing
Do not run this skill as-is. Before installing or executing it:
1) Treat any hardcoded secret as compromised — rotate the exposed ElevenLabs key immediately if it's yours and remove secrets from code.
2) Request a corrected package that: removes hardcoded keys, documents and installs required system binaries (ffmpeg) and Python packages (Pillow, requests), and uses environment variables consistently.
3) Fix the syntax/implementation errors (malformed JSON/payload in fal_client.py and TODO stubs).
4) Remove or parameterize hardcoded absolute paths and avoid cron examples that run as root; let users choose install/output directories.
5) If you intend to auto-post to TikTok, verify the Postiz integration and limit token scope.
If the publisher cannot address these issues or you can't audit the code yourself, avoid installing or running this skill and prefer a vetted alternative.

Like a lobster shell, security has layers — review code before you run it.
