ClawHub

Reelclaw

Security checks across malware telemetry and agentic risk

Overview

Reelclaw has a coherent reel-production purpose, but it can spend credits, schedule public posts, upload videos to third parties, and modify the local system without strong approval boundaries.

Review this skill before installing. Use it only with non-sensitive videos, revocable API keys, explicit budgets for DanSUGC purchases, named social accounts, and manual approval for every upload, purchase, schedule, update, or delete action. Do not allow automatic sudo/package installs or third-party font downloads unless you have reviewed and approved those commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (14)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs uploading finished reels to tmpfiles.org, an unrelated third-party file hosting service, to obtain a public URL for publishing. This creates an unnecessary external data disclosure path for user-generated media and bypasses tighter control boundaries implied by the core DanSUGC/Post-Bridge workflow.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The documentation includes a ready-to-run example that uploads rendered videos to tmpfiles.org, an unrelated third-party public file host, without tying it to the stated publishing pipeline or establishing any trust, retention, or confidentiality guarantees. In a video production skill that may process proprietary demos, customer UGC, or unpublished marketing assets, this creates a direct data exfiltration path and normalizes sending outputs to an external service outside the approved workflow.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The documentation exposes `mcp__dansugc__scrapecreators_raw` as a generic proxy to arbitrary downstream endpoints, which materially expands capability beyond narrowly scoped reel research. In an agent skill context, a raw passthrough increases the risk of unreviewed data access, unexpected external interactions, and use of third-party APIs in ways not bounded by the skill's stated workflow.

Context-Inappropriate Capability

Low
Confidence
78% confidence
Finding
The guide recommends uploading media to a generic public hosting service (`tmpfiles.org`) so the scheduling API can fetch it. That creates unnecessary public exposure of potentially sensitive or unpublished media and introduces a third-party distribution point not essential to the core business logic.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The documented path-mapping forwards arbitrary query parameters and request bodies to ScrapCreators, effectively advertising an unrestricted API relay. In an agent environment, this defeats least-privilege design and can enable access to undocumented or unsafe operations outside the reviewed skill surface.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The instructions tell users to upload completed videos to a public temporary hosting service without clearly warning that the resulting URL may expose unpublished content to anyone with the link. In a media production skill, this is especially risky because reels may contain unreleased marketing assets, customer data, or licensed material.

Missing User Warnings

High
Confidence
98% confidence
Finding
The example generates a public URL for the uploaded video but provides no warning that the file becomes externally accessible to anyone with the link. Because this skill is designed to create and publish reels at scale, users may treat the snippet as a normal internal step and unintentionally expose unreleased content, creator footage, app demos, or brand assets to the public internet.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The tool list includes `purchase_videos`, which spends credits and returns download URLs, but the primary tool description does not prominently warn that invoking it has billing consequences. In an agent-driven workflow, insufficient warning around a chargeable action can lead to unintended purchases and financial loss.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The guide describes `create_post` and related publishing operations against connected social accounts without a strong, upfront warning that these actions can publish content externally. In this skill's context, silent or misunderstood posting behavior can cause reputational damage, account misuse, and irreversible distribution of content.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Gemini section instructs users to upload demo videos to a third-party AI service without any privacy, confidentiality, or data-handling warning. Demo recordings often contain proprietary UI, customer data, credentials, or other sensitive information, so omission of a warning materially increases accidental data exposure risk.

External Transmission

Medium
Category
Data Exfiltration
Content
fi
  mkdir -p "$FONT_DIR"
  cd /tmp
  curl -L -o tiktoksans.zip "https://www.cufonfonts.com/download/font/tiktok-sans"
  unzip -o tiktoksans.zip -d tiktoksans_extracted
  cp tiktoksans_extracted/TikTokSans*.ttf "$FONT_DIR/"
  rm -rf tiktoksans_extracted tiktoksans.zip
Confidence
88% confidence
Finding
curl -L -o tiktoksans.zip "https://www.cufonfonts.com/download/font/tiktok-sans" unzip -o tiktoksans.zip -d

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
if command -v brew &>/dev/null; then
    brew install ffmpeg
  elif command -v apt-get &>/dev/null; then
    sudo apt-get update && sudo apt-get install -y ffmpeg
  else
    echo "ERROR: Install ffmpeg manually"; exit 1
  fi
Confidence
93% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
if command -v brew &>/dev/null; then
    brew install ffmpeg
  elif command -v apt-get &>/dev/null; then
    sudo apt-get update && sudo apt-get install -y ffmpeg
  else
    echo "ERROR: Install ffmpeg manually"; exit 1
  fi
Confidence
93% confidence
Finding
sudo

Chaining Abuse

High
Category
Tool Misuse
Content
if command -v brew &>/dev/null; then
    brew install ffmpeg
  elif command -v apt-get &>/dev/null; then
    sudo apt-get update && sudo apt-get install -y ffmpeg
  else
    echo "ERROR: Install ffmpeg manually"; exit 1
  fi
Confidence
90% confidence
Finding
&& sudo

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal