Skill v1.0.0
ClawScan security
FFHub FFmpeg Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 9, 2026, 2:31 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's runtime instructions require an FFHUB_API_KEY and use curl/jq, but the published manifest declares no credentials or binaries. That mismatch, together with a minor instruction that echoes the API key, is inconsistent and warrants caution.
- Guidance: Before installing, confirm the publisher and ask them to fix the manifest to declare the FFHUB_API_KEY dependency and note the required runtime tools (curl, jq). Do not paste your API key into chat; set it as an environment variable in the agent host instead. Be aware that using the skill will upload any local media you supply to a third-party cloud service (FFHub), so avoid uploading sensitive content unless you trust the service and its retention policy. Prefer creating a limited-scope or temporary API key for use with this skill. If you need higher assurance, ask the publisher to provide a manifest update that lists required env vars and binaries and avoids example commands that print secrets.
Findings
- [NO_CODE_FILES] (expected): The package is instruction-only (SKILL.md) and contains no code files. The regex scanner had nothing to analyze; this is expected for an instruction-only skill.
Review Dimensions
- Purpose & Capability (concern): The skill description and SKILL.md consistently describe a cloud FFmpeg integration (FFHub API), which legitimately requires an API key and network calls. However, the registry metadata lists no required environment variables or binaries, which is inconsistent: SKILL.md explicitly depends on FFHUB_API_KEY and uses curl/jq. The missing declaration in the manifest is an inconsistency between the declared and actual behavior.
- Instruction Scope (note): SKILL.md stays within the declared purpose: building ffmpeg commands, uploading local files, creating tasks, and polling results via the FFHub API. One problematic instruction example is echo $FFHUB_API_KEY; printing the key can expose the secret in logs or chat output. The instructions correctly forbid local file paths as ffmpeg command arguments and limit operations to HTTP/HTTPS inputs.
- Install Mechanism (ok): There is no install specification and no code files; the skill is instruction-only. This is lower risk because nothing is downloaded or written by an installer, but it relies on the runtime tools (curl, jq) being available.
- Credentials (concern): SKILL.md requires a sensitive environment variable, FFHUB_API_KEY (used for the Authorization header), but the skill metadata does not declare any required env vars or a primary credential. That omission is a significant mismatch. The skill needs only that single API key for its stated purpose, which would be proportionate if declared and handled safely; however, the example that echoes the key increases the risk of accidental exfiltration.
- Persistence & Privilege (ok): The skill does not request always:true and has no install or config path changes. It does not request persistent system privileges or modify other skills' configurations.
