Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Video Proof
v1.0.2
Record video proof of implemented features after coding tasks complete. Use when a coding agent finishes work and needs to visually verify and demonstrate th...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included scripts: record-proof.js uses Playwright to record screen/screenshot/console output and api-proof.js exercises HTTP endpoints. Dependencies (Playwright, yaml, optional ffmpeg) are appropriate for the declared functionality.
Instruction Scope
SKILL.md and scripts limit themselves to starting a local server (via a user-provided start_command), driving a browser or HTTP requests, and writing local artifacts. However, start_command accepts any shell command (intentionally) so a malicious or mistaken proof-spec could cause arbitrary commands to run — this is a necessary capability for starting apps but is a user-supplied attack surface that should be reviewed before running.
Install Mechanism
There is no platform install spec in metadata, but scripts/setup.sh performs npm installs, runs npx playwright install (downloads browser binaries), and may call system package managers (apt-get/brew/dnf/pacman) with sudo to install ffmpeg. These are standard for Playwright but require network access and (for ffmpeg) elevated privileges on some systems.
Credentials
The skill does not declare or read any secrets or unrelated environment variables. The scripts copy the current environment into spawned processes and set only PORT/BROWSER; no credentials or external tokens are requested.
Persistence & Privilege
Skill is not always-enabled and does not try to persist as an agent-level plugin. The one-time setup script can install system packages and may use sudo to install ffmpeg; runtime spawns detached server processes (killed by process group) which is expected but means long-running processes could be created if a start_command forks.
Assessment
This skill appears to do what it says: start your app, run scripted steps, and capture video/screenshots/logs. Before using it: (1) inspect any proof-spec.yaml provided by an agent — the start_command field runs exactly what you put there and can execute arbitrary shell commands; (2) run scripts/setup.sh only on machines you control (it will download npm packages, Playwright browser binaries, and may attempt to use sudo to install ffmpeg); (3) avoid pointing base_url at sensitive external services or endpoints with secrets — api-proof.js will send HTTP requests to whatever URL you configure; (4) prefer running in an isolated environment (local dev VM, CI runner, or container) rather than on a machine with sensitive credentials. If you want, run the scripts manually once to verify behavior before integrating into an automated agent workflow.
Like a lobster shell, security has layers — review code before you run it.
