550W视频去字幕 (550W video subtitle removal)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears purpose-aligned for sending user-selected videos to 550W's API, but users should know it uses their API credentials, uploads media, and may consume paid credits.

Install only if you trust the 550W service and the skill publisher. Treat uploaded videos as shared with the provider, protect SUBTITLE_REMOVER_USER_NO and SUBTITLE_REMOVER_API_KEY, consider checking credits before running the workflow, and avoid creating a local .credentials.json file unless you can secure it.

Static analysis

Exposed secret literal

Critical
Finding
File appears to expose a hardcoded API secret or token.

Exposed secret literal

Critical
Finding
File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user-selected video or URL may be processed by the provider, and each submitted job may spend account credits.

Why it was flagged

The skill documentation states that the workflow submits jobs to an external API and that repeated submissions are billed as independent jobs. That is aligned with the skill's purpose, but users should control when it runs.

Skill content
| workflow | End-to-end workflow: upload → submit → poll → return result | ... Resubmitting the same videoUrl is treated as an independent task and billed independently
Recommendation

Use the workflow only for intended media, consider checking credits or estimating cost first, and avoid repeated submissions unless you intend to pay for them.

What this means

With the configured credentials, the skill can submit tasks, query credits, and list account task history through the provider API.

Why it was flagged

The client includes the user's account identifier and API key in provider requests. This is expected for authentication but grants the skill authority to use the 550W account.

Skill content
userNo: this.credential.userNo, apiKey: this.credential.apiKey
Recommendation

Use a dedicated API key if available, keep the key in a secure environment/secret store, and rotate it if it may have been exposed.

What this means

If the local credential file is created, other local processes or users with filesystem access might be able to read the API key depending on system permissions.

Why it was flagged

The credential manager can persist userNo and apiKey into a local JSON file. This is a convenience feature, but the artifacts do not show explicit restrictive file permissions.

Skill content
path.resolve(__dirname, "../.credentials.json") ... fs.writeFileSync(this.storagePath, JSON.stringify(stored, null, 2), "utf-8")
Recommendation

Prefer environment variables or a secret manager; if using the file-based set method, restrict file permissions and delete the file when no longer needed.

What this means

For URL-based tasks, the user may not see locally verified video dimensions or duration before a paid processing task is submitted.

Why it was flagged

For remote URL workflows, the included probe function returns fixed fallback metadata rather than locally measuring the video. This is not hidden exfiltration, but it can make cost or validation expectations less transparent.

Skill content
return { width: 1280, height: 720, duration: 600 }
Recommendation

If cost accuracy matters, verify video metadata separately or query/estimate credits before submitting the task.

What this means

Dependency behavior could change across installations if versions are not locked.

Why it was flagged

Runtime dependencies are declared with semver ranges and no lockfile is included in the supplied artifacts, so future installs could resolve to newer dependency versions.

Skill content
"dependencies": { "axios": "^1.7.2", "form-data": "^4.0.0" }
Recommendation

Install from trusted sources and use a lockfile or pinned dependency versions for reproducible deployments.