Skillv0.2.5

ClawScan security

Video Sourcing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 6, 2026, 7:56 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's behavior matches its stated purpose (it needs YouTube/Google keys and runs a pinned video-sourcing runtime), but it bootstraps and executes third‑party code on the host (unsandboxed) which increases risk and deserves review before installation.
Guidance: This skill does what it says: it will clone a pinned GitHub repo and run its code on your machine, using your GOOGLE_API_KEY and YOUTUBE_API_KEY. Before installing, review or vet the remote repository (https://github.com/Memories-ai-labs/video-sourcing-agent) and its dependencies, verify you trust the maintainer, and be aware the runtime runs unsandboxed and can access your filesystem and any environment variables. If possible, run it in an isolated environment (VM/container) first, use least-privilege API keys, and be prepared to rotate keys if you proceed. Also note the registry metadata omitted a homepage while SKILL.md references the GitHub repo — that mismatch is worth confirming with the skill author.

Review Dimensions

Purpose & Capability: okName, description, declared binaries (git, uv) and required env vars (GOOGLE_API_KEY, YOUTUBE_API_KEY) align with a video-sourcing agent that queries YouTube/Google-backed APIs. Minor note: SKILL.md mentions other platforms (TikTok/Instagram/X) but no credentials for those are requested — that may be because the pinned runtime handles them differently, but it's not explained.
Instruction Scope: concernSKILL.md and the script require host runtime execution (sandbox mode off) and will clone a remote repository and execute its code. The runtime bootstraps to ~/.openclaw/data/video-sourcing-agent and runs uv run python -m video_sourcing_agent.integrations.openclaw_runner, meaning arbitrary code from the pinned repo will be executed with access to local environment and files. The skill also references VIDEO_SOURCING_AGENT_ROOT as an override (not listed in required envs) and instructs polling/kill behavior for processes — all expected but increasing attack surface.
Install Mechanism: concernThere is no packaged install spec; the included script clones a pinned GitHub repo (https://github.com/Memories-ai-labs/video-sourcing-agent) at tag v0.2.5 and runs 'uv sync' then 'uv run'. Using GitHub and a pinned tag is better than an unpinned download, but the behavior still writes code to disk and executes third-party dependencies at runtime, which is a high-impact operation and should be audited.
Credentials: noteThe skill only requires GOOGLE_API_KEY and YOUTUBE_API_KEY, which are appropriate for YouTube/Google lookups. However, because the skill bootstraps and runs external code unsandboxed, that code will have access to any other environment variables and local files; treat API keys and other secrets as exposed to the runtime and consider using limited-scope keys or rotating them after use.
Persistence & Privilege: notealways:false and user-invocable:true (normal). The script persists a managed runtime under ~/.openclaw/data/video-sourcing-agent/v0.2.5 and creates a lock/marker file; this is reasonable for a self-bootstrap runtime. The main privilege concern is the unsandboxed execution of the bootstrapped code rather than any special platform flags.