Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cerul Openclaw Skill

v1.1.0

The video search layer for AI agents. Teach your AI agents to see — search video by meaning across speech, visuals, and on-screen text. Use when a user asks...

by Jiaxi Cui (@jessytsui)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to be a video-search wrapper and declares the cerul CLI and an API key (CERUL_API_KEY), which is appropriate. However, the SKILL.md prefers persisting the key to ~/.config/cerul/credentials and explicitly tells agents not to use export/CERUL_API_KEY, which conflicts with the declared primaryEnv and the 'requires.env' listing. That inconsistency between declared requirements and the runtime guidance is unexplained.
! Instruction Scope
The instructions tell the agent to read (~/.config/cerul/credentials) and to write the API key directly to that config file (echo > ~/.config/cerul/credentials). The skill did not list that config path in its metadata. It also instructs using a non-interactive installer (curl | bash) and discourages the official interactive login flow. Writing persistent secrets to disk and running remote install scripts are beyond a simple 'search' helper and should be explicitly declared and justified.
! Install Mechanism
The SKILL.md's install step is a curl -fsSL https://cli.cerul.ai/install.sh | bash pattern (pipe to shell). This downloads and executes a remote script from a domain not clearly one of the well-known release hosts (the homepage is a GitHub repo, but the installer domain differs). Curl|bash is a high-risk install mechanism and should be inspected before running; the skill provides no alternative verified package or checksum.
! Credentials
Only one credential (CERUL_API_KEY) is requested, which matches the service's needs in principle. But the skill's runtime guidance explicitly avoids using the env var and instead directs persistent file writes, while the manifest still marks CERUL_API_KEY as the primary credential. The config file path used for persistence is not declared in the manifest. This mismatch makes it unclear how the agent will actually obtain and store the secret.
Persistence & Privilege
The skill will create and write ~/.config/cerul/credentials if the file is missing, which is a normal behavior for a CLI wrapper, but the manifest did not declare required config paths. 'always' is false (good). Because the skill instructs persistent storage of credentials and executing an install script, you should verify those actions before allowing the skill to run autonomously.
What to consider before installing
This skill appears to do what it says (search videos) but has several red flags you should address before installing:

1) The SKILL.md tells the agent to persist your API key to ~/.config/cerul/credentials (writes a secret to disk) while the manifest lists CERUL_API_KEY as an environment variable — confirm which method the runtime will actually use.
2) The installer uses curl | bash from https://cli.cerul.ai/install.sh — do not run that blindly; review the script contents and prefer official package releases or checksums.
3) If you decide to proceed, limit the API key's permissions (create a scoped key if possible), inspect and vet the installer script, and consider creating a throwaway key for testing.
4) If you want stronger guarantees, ask the skill author to: declare the config path in metadata, provide a verified installer (GitHub release with checksum), and clarify whether the CLI accepts CERUL_API_KEY from env or only from the credentials file.

If you cannot verify these, treat the skill with caution and avoid giving it your primary/privileged API key.

Like a lobster shell, security has layers — review code before you run it.

latestvk9795xm7ss8sawz0zz2gxpgdw584abd2

Runtime requirements

🎬 Clawdis
Any bin: cerul
Env: CERUL_API_KEY
Primary env: CERUL_API_KEY