Skill v1.0.0

ClawScan security

ZeroCut AI Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review date: Mar 16, 2026, 1:42 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The instructions match a ZeroCut CLI media helper but contain unexplained inconsistencies (no declared binary/install, no source/homepage) and ambiguous external syncing behavior that deserve clarification before installing.
Guidance
Before installing or using this skill:
1) Ask the publisher (or check source/homepage) for the zerocut CLI binary location and installation steps — this skill assumes a binary but doesn't declare it.
2) Ask what 'TOS' refers to and where generated media are uploaded; do not proceed unless you trust that endpoint.
3) Avoid passing sensitive local files or credentials via --refs/--resources, since the skill syncs files and may upload outputs.
4) If you must try it, run it in an isolated environment (sandbox/container) and monitor network and file activity.
5) Prefer skills that publish source, a homepage, or explicitly list required binaries and any endpoints they contact.

Review Dimensions

Purpose & Capability
concern: The SKILL.md is clearly written to drive a 'zerocut' CLI (many zerocut ... examples), but the skill metadata declares no required binaries and has no install spec or source/homepage. A consumer would reasonably expect the zerocut binary (or installation instructions) to be declared — its absence is an incoherence.
Instruction Scope
concern: Instructions tell the agent to sync arbitrary local paths or URLs into a sandbox and to auto-download outputs to the local working directory. They also say generated media 'are synced to TOS' with no explanation. While these behaviors are plausible for a media tool, they create scope for unexpected data transfer (exfiltration) and for fetching untrusted remote resources. The doc claims command validation (ffmpeg/ffprobe/pandoc), but as an instruction-only skill there is no enforcement here — the platform or binary must implement that validation.
Install Mechanism
note: This is an instruction-only skill (no install spec), which is low-risk from a code-install perspective. However, the omission of the required zerocut binary installation, or of a statement that the environment already includes it, is surprising and reduces coherence.
Credentials
concern: The skill requests no credentials or env vars, yet it mentions syncing outputs to 'TOS' (unspecified) and syncing resources from URLs. If the skill actually uploads to an external service, it would typically need credentials or at least document the endpoint — the lack of declared credentials or explanation is either disproportionate or missing information.
Persistence & Privilege
ok: The skill does not request always: true, does not declare autonomous elevation, and has no install hooks. It appears to rely on the existing environment and does not demand persistent platform privileges.