Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AI Hookbot
v1.0.2
Scrape viral hooks from YouTube Shorts creators and stitch them with a CTA video to produce ready-to-post TikTok/Reels/Shorts content. Use when asked to make...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name/description (scrape Shorts, trim, stitch CTA) aligns with the runtime instructions (use yt-dlp + ffmpeg and run pipeline.py). However, no pipeline scripts are included in the skill bundle — the SKILL.md requires you to clone an external repository (placeholder URL) or provide your own pipeline.py. That makes the skill a set of instructions that rely on outside code the user must obtain and trust.
Instruction Scope
Instructions are concrete (install yt-dlp/ffmpeg, set HOOKBOT_* env vars, run pipeline.py via an exec). They avoid broad system interrogation (they explicitly say not to source shell rc files), which is good. However, there is a clear contradiction: Workflow step 4 says to 'sanitize error output before relaying — strip file paths and env var values', while Notes later say 'If the pipeline errors, relay the error output to the user verbatim so they can debug.' This inconsistency could lead to accidental disclosure of local paths or credentials. Also, the instructions expect the agent to run external code (pipeline.py), which could perform any file or network actions beyond what is described.
Install Mechanism
This is an instruction-only skill (no install spec), which is low surface risk, but it asks the user/agent to pip-install yt-dlp and use system ffmpeg and to git-clone a repo at https://github.com/YOUR_REPO/hookbot-scripts — that URL is a placeholder and the actual repository is not provided. Asking users to clone/run external, unspecified scripts increases risk: those scripts will run on the user's machine and could contain harmful behavior. There is no checksum, canonical repo, or packaged code included for review.
Credentials
The skill declares no required env vars and the supplied config.example.env contains only local-path settings and an optional YOUTUBE_API_KEY for the --viral flag. That is proportionate to the task. Still, because the skill instructs relaying pipeline error output, there's an elevated risk that local paths or API keys could be accidentally revealed unless the sanitization instruction is followed (and the SKILL.md contradiction is resolved).
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not require persistent or privileged system presence. It only instructs running external scripts and binaries when invoked, which is normal for a runtime pipeline.
What to consider before installing
This skill is mostly a runbook for an external pipeline rather than a self-contained implementation. Before using it:
1) Do not clone or run an unknown repository — the SKILL.md points to a placeholder repo. Ask the author for the exact repo URL and a commit/tag and verify the code (pipeline.py) yourself.
2) Audit the external pipeline.py and any scripts for network calls, file access, or credential usage before executing.
3) Decide whether to enable the agent to run the pipeline autonomously — the pipeline will execute commands (yt-dlp, ffmpeg) and download content.
4) Be careful with the optional YouTube API key: only supply it if you trust the code and only for --viral.
5) Resolve the contradictory error-handling guidance: ensure errors are sanitized before presenting them to avoid leaking local paths or secrets.
6) If you cannot review the external scripts, do not run them on sensitive hosts; use an isolated environment or container.
If the author provides a canonical repository and release with checksums, re-run this evaluation with that repo included.
