ClawHub

Video Compressor

v1.0.0

Guide users to VideoAny Video Compressor tool to reduce video file size with quality/scale/format controls.

0· 173·0 current·0 all-time
byColin@gaoq1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description, included scripts, and runtime instructions all align: they only provide guidance and print recommended settings for VideoAny's compressor. However, the SKILL.md header declares permission 'shell:exec', which is broader than the skill actually needs (its scripts simply print guidance and parse CLI args). This permission is unnecessary for the described functionality and should be reviewed.
Instruction Scope
SKILL.md instructs the agent to direct users to https://videoany.io/tools/video-compressor, explain the upload->configure->compress->download flow, and optionally run the local helper script which only prints guidance. The instructions do not direct reading arbitrary system files, accessing unrelated environment variables, or sending data to hidden endpoints.
Install Mechanism
There is no install spec (instruction-only style). The bundle contains small Python scripts used as a local helper; nothing is downloaded from external URLs or written to unusual locations.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The included scripts do not access secrets or external credentials.
Persistence & Privilege
The skill does not request always:true, does not attempt to modify other skills or system-wide agent settings, and does not request persistent presence or additional privileges beyond the unexplained shell:exec header permission.
Assessment
This skill appears to be what it claims: a guidance helper that points users to VideoAny's compressor and includes a tiny CLI that only prints recommendations. Before installing, confirm that your agent platform enforces SKILL.md permissions (the header includes 'shell:exec', which is broader than needed) and consider removing or restricting that permission if possible. Also note a minor metadata inconsistency (ownerId differs between registry metadata and _meta.json) — this likely is packaging sloppiness but you may wish to verify the publisher. If you allow it, run the skill in a restricted/sandboxed environment first to confirm it behaves as expected.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bpb507vdbfh8w7ncwdtkkfh835nme

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments