Pub Vidframes
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is a broad third-party API gateway, not just a video-frame tool, and its API key may let an agent send emails or SMS or process sensitive media through external services.
Review this carefully before installing. If you only need ffmpeg frame extraction, this skill is broader than necessary. If you do use it, provide a restricted SkillBoss key if possible, avoid sending sensitive files or audio, and require manual confirmation before any email or SMS action.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user expecting a local video-frame helper could instead enable a broad external service with many unrelated actions.
The skill is framed around video-frame extraction but the visible instructions primarily describe a broad third-party API gateway, including communications features. That breadth is partly disclosed, but the mixed framing can cause users to underestimate the authority they are granting.
name: video-frames ... description: "Extract frames or short clips from videos using ffmpeg. And also 50+ models ... email, and SMS." ... # SkillBoss ... One API key, 50+ models across providers
Rename and describe the skill as a SkillBoss API gateway, or split local video-frame extraction from unrelated model, email, and SMS capabilities.
If used with a valid API key, an agent could send messages or batch notifications, potentially causing cost, spam, privacy, or reputation issues.
The skill documents email and SMS sending, including batch operations, but the artifacts do not show explicit user approval, recipient validation, rate limits, or reversible safeguards for those high-impact actions.
`email/send` | Send single email ... `email/batch` | Send batch emails ... `prelude/notify-batch` | Batch SMS notifications
Require explicit user confirmation for every email/SMS send or batch, show recipients and content before sending, and disable these models unless the user specifically needs them.
Compromise or misuse of the API key could affect many services or consume paid quota beyond the user's original expectation.
A single credential is presented as granting access to many providers and action types. The artifacts do not describe scoping the key to only video work or limiting sensitive actions such as email, SMS, storage, scraping, or document processing.
One API key, 50+ models across providers ... Call any model directly by ID ... Auth: `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`
Use a least-privilege key if the provider supports it, restrict enabled model/action classes, and avoid installing this skill if only local ffmpeg frame extraction is needed.
Sensitive prompts, media, audio, or documents may leave the local environment and be processed by SkillBoss or its downstream providers.
The skill sends user content such as prompts and audio to an external gateway. This is disclosed and expected for a provider API skill, but the artifacts do not describe retention, downstream provider routing, or privacy boundaries.
**Base URL:** `https://api.heybossai.com/v1` ... Speech-to-Text ... `inputs`: {"audio_data": "BASE64_AUDIO", "filename": "recording.mp3"}
Do not send confidential content unless you trust the provider and understand its data retention, routing, and privacy terms.
Users may be confused or may run an unreviewed helper from elsewhere if they try to follow the examples directly.
The documentation references a run.mjs helper, while the provided manifest says this is an instruction-only skill with no code files. Users who try those commands therefore have no reviewable source for the helper, which is an incomplete provenance and review context, though it is not evidence of automatic execution.
run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3
Include the referenced helper with reviewed source code, or remove the run.mjs examples and rely on the documented curl commands.
