Skill v0.1.0
ClawScan security
Openclaw Skill Cutmv Video Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Feb 26, 2026, 12:36 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely does what its README and SKILL.md say (it calls ffmpeg/ffprobe to manipulate local media files), but the implementation contains a risky eval() on ffprobe output and other minor issues that warrant caution before installing it or running it on untrusted data.
- Guidance: This skill appears to be what it claims (ffmpeg-based video tools) and makes no unrelated credential or network requests, but take these precautions before use:
  - Review or patch the code: replace eval(video_stream.get('r_frame_rate', '0/1')) with a safe parser that splits the string on '/' and computes numerator/denominator (or use fractions.Fraction). Using eval on data that comes from outside the program is unsafe.
  - Run the skill only in a restricted environment (sandbox, container, VM) when processing untrusted media files; ffmpeg and ffprobe have had security vulnerabilities in the past, and malformed media files can trigger them.
  - Keep ffmpeg/ffprobe up to date from official releases.
  - For extra assurance, ask the author why eval was used and request a patched version, or run a quick code review and tests that exercise get_video_info with crafted inputs.
  If you will only process trusted local files and can mitigate the eval issue, the skill is reasonable to use. If you process arbitrary uploads or untrusted files, treat it as risky until the eval usage is removed and the ffmpeg/ffprobe calls are sandboxed.
Review Dimensions
- Purpose & Capability
  - ok: Name, description, SKILL.md, and code align: the skill calls ffmpeg/ffprobe to cut, convert, compress, extract frames/audio, and add watermarks/subtitles. The required system dependency (ffmpeg) is consistent with that purpose; no unrelated credentials or binaries are requested.
- Instruction Scope
  - note: SKILL.md instructs the agent to use ffmpeg/ffprobe and the local Python API/CLI, so the declared scope is consistent. However, the code processes arbitrary user-supplied files and passes them to ffmpeg/ffprobe, and it uses eval() on ffprobe output (the r_frame_rate field), which is unnecessary and introduces a code-injection risk if ffprobe output can be manipulated. Processing untrusted media also exposes the host to any native ffmpeg vulnerabilities, so run on untrusted files only in a sandbox.
- Install Mechanism
  - ok: No install spec (instruction-only plus a single Python file). This minimizes install-time risk: nothing is downloaded or executed during install by the skill itself. The only external dependency is the system ffmpeg binary, which is standard and documented in SKILL.md.
- Credentials
  - ok: The skill requests no environment variables, credentials, or config paths. That is proportional to a local media-processing utility.
- Persistence & Privilege
  - ok: The skill is not always-enabled and does not request persistent or privileged platform presence. It does not modify other skills or platform configuration in the provided files.
