Skill v1.0.0
ClawScan security
Camsnap Hardened · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 1:40 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its purpose — it only requires the camsnap binary (installable via a Homebrew formula) and its runtime instructions focus on using camsnap to capture snapshots and clips — but review the Homebrew tap and credential-handling practices before installing.
- Guidance: This skill appears coherent for capturing camera snapshots/clips, but take these precautions before installing or using it:
  - Inspect the Homebrew tap/formula (steipete/tap/camsnap) on GitHub to confirm the source and what binary it installs.
  - Avoid passing credentials on the command line (e.g., --pass) because they can appear in process lists and logs; prefer interactive entry or the tool's secure add workflow.
  - Keep camera credentials confined to ~/.config/camsnap/config.yaml and do not copy them into scripts, .env files, or chat messages.
  - Do not pipe or transmit camsnap output to network commands; the SKILL.md guardrails explicitly prohibit this.
  - Because the SAFETY.md shows tests where an agent could accidentally echo secrets or write credentials insecurely, ensure the agent is configured not to expose logs/outputs to untrusted channels and confirm it follows the guardrails when invoked.

  If you need higher assurance, run the brew install in a sandbox/VM or build the tool from source after reviewing the repository.
Review Dimensions
- Purpose & Capability: ok
  - The name/description (capture frames/clips from RTSP/ONVIF cameras) match the declared requirement for a 'camsnap' binary and usage examples. Requiring ffmpeg on PATH (not declared as a required binary) is documented in SKILL.md and sensible for media processing. There are no unrelated env vars, credentials, or config paths requested.
- Instruction Scope: note
  - SKILL.md stays on-topic: it instructs the agent to use camsnap subcommands (add, snap, clip, watch, doctor) and references the canonical config path (~/.config/camsnap/config.yaml). Safety guardrails included in SKILL.md appropriately warn against exposing credentials or piping footage to external commands. One practical concern: example usage shows passing --user/--pass on the command line, which can expose passwords in process listings and logs; the skill should prefer secure/interactive credential entry or a note about the process-list risk.
- Install Mechanism: note
  - Install uses a Homebrew formula (steipete/tap/camsnap) which is a standard package-install mechanism (no arbitrary URL downloads or extract steps). This is lower-risk than remote archives, but it's a third-party tap, so users should verify the tap/formula origin (GitHub repo) before installing to ensure the formula and binary are trustworthy.
- Credentials: ok
  - The skill requests no environment variables, no additional credentials, and only documents a single per-user config path for camera credentials. That is proportionate to a camera-capture helper. Note: storing camera credentials in a local config file is normal here, but users should avoid placing passwords in scripts, .env files, or command-line invocations (process-list exposure).
- Persistence & Privilege: ok
  - The skill is not always-enabled, does not request elevated system persistence, and does not attempt to modify other skills or system-wide agent settings. Autonomous invocation is allowed (default) but that is expected for skills and not by itself suspicious.
