Skill v1.0.0
ClawScan security
ZeeLin-video-analysis 视频拉片 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 14, 2026, 6:40 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (uploading user video files to an external service) matches its stated purpose, but there are several inconsistencies and privacy/security concerns: notably an undocumented App-Key stored in a bundled config, plain-HTTP IP endpoints, and no provenance for the remote service.
- Guidance: This skill appears to do what it says (analyze videos), but it uploads user video files to an external service at http://47.98.180.113:8083 and asks you to put an App-Key into the bundled templates/config.json. Before installing, consider:
  1. Do you trust this remote service and its privacy/retention policies? The skill uses a raw IP and plain HTTP in its upload examples; prefer HTTPS and a known domain.
  2. Don't put sensitive or private videos through this skill unless you confirm the operator, encryption-in-transit, and data deletion policies.
  3. The App-Key is stored in a local config file (templates/config.json) rather than declared as a required secret. Avoid checking that file into version control and verify how the agent stores/uses the key.
  4. Ask the publisher for provenance (homepage/source code) and for the service to use an authenticated HTTPS endpoint; if you can't verify the provider, treat it as higher-risk and avoid sending sensitive media.
Review Dimensions
- Purpose & Capability (note): The name/description (video analysis) align with the instructions (upload video, submit analysis task, poll status). However the skill asks you to register at an external site and place an App-Key into templates/config.json even though the registry metadata declares no required credentials or config paths. That mismatch is unexpected and should have been declared.
- Instruction Scope (concern): Runtime instructions tell the agent to read local video files and upload them to a third-party server (http://47.98.180.113:8083). Uploading private videos to an external endpoint is necessary for the service but is high-sensitivity data exfiltration by design. The instructions also prescribe long polling and creating a markdown file. The upload examples use plain HTTP and a raw IP address (not a documented, trusted domain), increasing risk.
- Install Mechanism (ok): No install spec or code is included (instruction-only). That minimizes on-disk install risk. There is no package download or archive extraction to review.
- Credentials (concern): The skill requires an 'App-Key' for the external Zeelin service, but the registry lists no required env vars or config paths. The SKILL.md expects the user to edit templates/config.json to store Zeelin_App_Key and service_url. Requesting a credential for an external service is reasonable for this functionality, but the omission from metadata and the bundled config file approach is inconsistent and increases the chance of user error (accidentally committing keys) and untracked secrets. Also the example uses form-data appKey rather than a header, which may leak keys in some integrations.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable only. It does not request persistent privileges or modify other skills. Autonomous invocation is allowed (default), but that is typical and not in itself a red flag here.
