Skill v1.1.9

ClawScan security

Video Fetch Download · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 7:49 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions are internally consistent with its stated purpose (downloading videos/torrents to cloud storage), but the skill requires trusting third-party binaries and manual cookie entry, and it will modify user config/profile files.
Guidance
This skill appears to do what it says, but take these precautions before installing:
1) Review scripts/install.sh and the pinned SHA256 values yourself; the installer fetches an rclone fork (a third-party binary). Only proceed if you trust that source.
2) Expect the installer to write to ~/.local/bin, possibly add that directory to your shell profile, and write credentials to ~/.config/rclone/rclone.conf and ~/.config/video-fetch/quark_cookie.txt (both chmod 600).
3) The Quark flow requires manually pasting a browser cookie. Never paste cookies you don't understand; treat them as secrets.
4) The magnet search uses Knaben and apibay (piracy-focused indexes). Consider the legal implications in your jurisdiction.
5) The installer attempts package installs (apt-get/yum) without sudo; run it manually and inspect the output, or install the dependencies yourself if you prefer.
If you are unsure, run the installer and scripts in an isolated account or VM, or manually install only trusted components (yt-dlp, aria2, rclone) and use the Python scripts after inspecting them.

Review Dimensions

Purpose & Capability
ok · Name/description match the code and instructions: scripts implement 115 QR login, Quark cookie login, magnet search (Knaben + apibay), offline submission, yt-dlp + rclone uploads, and aria2c downloads. Requested actions/paths (rclone config, local cookie file, ~/.local/bin) are expected for this functionality.
Instruction Scope
note · Runtime instructions and scripts access and write local config files (~/.config/rclone/rclone.conf, ~/.config/video-fetch/quark_cookie.txt), may append ~/.local/bin to the shell profile, and ask the user to paste Quark browser cookies. These are within the scope of the described features but constitute sensitive operations (writing cloud auth to local files and modifying shell profiles) that users should expect and approve.
Install Mechanism
note · The installer downloads yt-dlp from the official repo and an rclone '115-fork' binary from a third-party GitHub release, verifies the SHA256 (pinned in the script), and extracts the binary to ~/.local/bin; this is higher-risk than pure package-manager installs but mitigated by the SHA256 checks. The script also attempts to install aria2 and python3.12 via apt-get/yum without sudo, which may fail or behave unexpectedly depending on how the user runs the installer.
Credentials
ok · The skill does not declare or require unrelated environment variables or external credentials. It intentionally stores cloud credentials/cookies locally (rclone config and quark_cookie.txt) and does not request other secret env vars. The scripts run rclone to locate the config file, which is appropriate for the feature but exposes the existing rclone config to the script.
Persistence & Privilege
note · The skill is not always-on and does not demand elevated privileges, but the installer may modify user shell profile files (adding ~/.local/bin to PATH) and writes auth files to the user's config directory. Those are reasonable for a user-level install but are persistent changes the user should be comfortable with.