Skillv1.0.0

ClawScan security

FFmpeg Video Watermark Remover · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 15, 2026, 2:12 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions generally match its stated purpose, but there are clear mismatches and undeclared platform assumptions (ffmpeg/ffprobe usage and a hard-coded workspace path) that make the package internally inconsistent and worth reviewing before install.
Guidance: Before installing, note three issues: (1) The code and instructions call ffmpeg and ffprobe but the skill metadata doesn't declare them — ensure ffmpeg/ffprobe and Python are available on the host. (2) The SKILL.md instructs saving output into /root/.openclaw/workspace/downloads/ and sending via a 'message' tool; confirm you are comfortable with files being written to that root-scoped workspace and with the platform message/vision tools accessing derived frames. (3) Removing watermarks may implicate copyright/usage policy — consider legal/ethical constraints. Recommended actions: request the publisher update metadata to list required binaries and any platform tools, or run the scripts locally in a sandbox to verify behavior; inspect outputs before any external sending; and avoid running on sensitive/private videos unless you control the destination/use.

Review Dimensions

Purpose & Capability: concernThe SKILL.md and both Python scripts call ffmpeg and ffprobe to extract frames and run delogo, but the skill metadata declares no required binaries or config paths. A watermark-removal skill legitimately needs ffmpeg/ffprobe (and Python), so the metadata omission is an incoherence that could hide runtime failures or surprise users.
Instruction Scope: noteInstructions are specific about extracting frames, using a vision model ('image' tool) to locate watermark bounding boxes, segmenting, applying ffmpeg delogo, and verifying results. This scope is reasonable for the stated task, but the SKILL.md also instructs saving outputs to /root/.openclaw/workspace/downloads/ and sending via a 'message' tool; those platform-specific I/O steps are not declared in metadata and may expose files into a root-scoped workspace without explicit consent.
Install Mechanism: okNo install spec (instruction-only plus small helper scripts). No third-party downloads or obscure installers. Scripts are plain Python that call system ffmpeg/ffprobe, which is a low-risk install footprint — provided the required binaries are known and available.
Credentials: concernThe skill requests no environment variables or credentials, which is consistent with the code. However, it implicitly requires platform tools ('image' and 'message') and writes to a hard-coded root workspace path; these platform assumptions should be declared. Also the metadata should list ffmpeg/ffprobe as required binaries.
Persistence & Privilege: okalways is false and the skill does not request to persistently modify other skills or system-wide settings. It writes temporary files under /tmp and outputs to a workspace path; this is normal for processing tools but the target path is platform/root-scoped.