AI Gaming Content
PassAudited by ClawScan on May 10, 2026.
Overview
The visible skill is a purpose-aligned content-research workflow, but it relies on third-party API keys, npm packages, and broad public-platform scraping that users should review before use.
This skill appears safe to review as an instruction-only workflow, not a bundled executable. Before using it, create separate API keys for Apify and InVideo, watch for API costs, install npm packages in a controlled project, and make sure any scraped clips or trend data are used in ways that respect platform terms and copyright.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may make automated requests to public platforms through Apify and use the results to create monetized content.
The skill's core workflow uses automated scraping of third-party platforms. This is disclosed and aligned with the content-research purpose, but users should control scope, cost, and terms-of-service/copyright implications.
"Scrape trending games, clips and discussions from Reddit..." and "Extract top-performing gaming videos from TikTok and YouTube"
Run scraping only for sources you are allowed to use, keep result limits in place, and review platform terms and content rights before publishing generated videos.
If configured, the agent or scripts using this skill can spend API credits or access data available to those provider accounts.
The skill requires third-party provider credentials for Apify and InVideo. This is expected for the stated integrations, but those tokens can access provider accounts and potentially incur usage charges.
"export APIFY_TOKEN=apify_api_xxxxxxxxxxxxxxxx" and "export INVIDEO_API_KEY=iv_api_xxxxxxxxxxxxxxxx"
Use least-privilege or separate API keys where possible, monitor provider usage, store keys in a secret manager or environment variables, and revoke keys if no longer needed.
Installing packages from npm can execute or depend on third-party code outside the reviewed skill artifact.
The setup step downloads unpinned npm packages at install time. This is user-directed and relevant to the API examples, but package provenance and version drift are normal supply-chain considerations.
"npm install apify-client axios"
Install in a controlled project environment, consider pinning versions, use a lockfile, and review package provenance before running examples with API keys.
Users may be steered toward specific paid providers or expect monetization outcomes that are not guaranteed.
The artifact uses strong monetization/virality language and links that appear to include referral or tracking parameters. This is not malicious by itself, but it is promotional framing users should recognize.
"produce viral gaming videos with AI" / "videos that make money" and "Powered by: [Apify](https://www.apify.com?fpr=dx06p) + [InVideo AI](https://invideo.sjv.io/TBB)"
Evaluate provider pricing and alternatives independently, and do not treat virality or revenue claims as guaranteed results.