Skill v1.0.2

ClawScan security

Open Animate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 7:50 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions, required binaries, and install step coherently match its stated purpose (a CLI-driven animation/video workflow), but it installs a third-party npm CLI and relies on external model providers and an additional skill — so verify the npm package and login behavior before installing.
Guidance
This skill appears to do what it says (scaffold Remotion projects, render videos, and call AI model backends) but it installs a third-party npm CLI and instructs you to log in and call external model providers. Before installing:
1) verify the npm package 'oanim' source (repository, maintainer, recent releases) and the homepage (https://open-animate.com) to confirm trustworthiness;
2) be aware `oanim login` will create/stash credentials/tokens locally—confirm where and how those tokens are stored;
3) `npx skills add remotion-dev/skills` will pull additional code—review that skill if possible;
4) expect network calls to fal.ai and other model endpoints that may require API keys or incur costs;
5) consider running the install and first runs in a sandbox or disposable environment and inspect the package contents (npm pack / GitHub repo) before granting access on sensitive machines.

Review Dimensions

Purpose & Capability
ok: The name/description match the behavior: it scaffolds Remotion projects, uses an `oanim` CLI, and offers asset generation and rendering. Requiring npx and installing an `oanim` npm package is consistent with this purpose.
Instruction Scope
note: Runtime instructions are narrowly scoped to project init, preview, rendering, and asset generation. They do instruct the agent to run `oanim login`, `oanim assets run` (which will call external model providers), and to `npx skills add remotion-dev/skills` (pulling another skill). These steps will cause network activity and local credential/storage usage, but they do not instruct reading unrelated system files or exfiltrating data.
Install Mechanism
note: The install is an npm package (kind: node, package: oanim) that creates an `oanim` binary. This is an expected delivery mechanism for a CLI, but npm packages can execute arbitrary code when installed or when the binary runs; there are no suspicious download URLs, but the package source and maintainer are unknown in the registry metadata and should be reviewed before installing.
Credentials
note: The skill declares no required environment variables, which aligns with the SKILL.md. However, it instructs `oanim login` and uses `oanim assets run` with third-party models (fal-ai, etc.), so credentials or API keys will likely be required at runtime even though they are not declared. This transparency gap is worth noting: the skill itself doesn't ask for broad unrelated credentials, but the CLI and cloud-model calls will require auth and may store tokens locally.
Persistence & Privilege
ok: The skill is not always-enabled, requests no config paths, and does not ask to modify other skills' configuration. It will install a CLI binary (oanim) that persists on the host like any npm-installed tool; otherwise no elevated or persistent platform privileges are requested.