Skill v1.0.0

ClawScan security

Ffmpeg Chinese Subtitle · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 25, 2026, 7:09 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The code implements the described Pillow + ffmpeg subtitle approach and looks non-malicious, but the package metadata and declared requirements are inconsistent (ffmpeg/ffprobe are used but not declared, package.json lists Python dependency), so review before installing.
Guidance
This package appears to implement the stated Pillow + ffmpeg subtitle approach and is not obviously malicious, but take these precautions before installing or running it:

- Ensure ffmpeg and ffprobe are installed and on PATH — the code calls them but the skill metadata does not declare them as required.
- Install the Python dependency manually (pip install Pillow), because package.json is a Node manifest and does not install Python packages for you.
- Review the included Python files locally. The code runs subprocess.run to call ffmpeg/ffprobe; because it uses argument lists rather than shell=True the injection risk is lower, but you should still avoid passing untrusted strings as filenames.
- Confirm font paths on your system (C:/Windows/Fonts/...) or supply a safe font_path when calling add_subtitle_to_image.
- Run in an isolated environment (virtualenv/container) if you are unsure, and inspect the repository URL or source origin (the package lists a GitHub URL) before trusting automated installs.

If the maintainer updates the metadata to declare the required binaries (ffmpeg, ffprobe) and provides a proper Python install manifest (requirements.txt or setup.py), the package would be much clearer and easier to trust.

Review Dimensions

Purpose & Capability
concern
The skill's purpose (render Chinese subtitles with Pillow and use ffmpeg to make video) matches the code. However, the metadata declares no required binaries while example.py and README call the external tools ffmpeg and ffprobe via subprocess; those binaries should be declared as required. Also, package.json is a Node manifest but lists the Python dependency 'Pillow', which is inconsistent with a Python-only package.
Instruction Scope
ok
SKILL.md and the code instruct the agent to draw text onto images with Pillow and invoke ffmpeg/ffprobe to produce/inspect media. The instructions and code only touch input images, audio, and standard system font paths; they do not attempt to read unrelated system files or exfiltrate data. Commands are invoked via subprocess with argument lists (not shell strings), which reduces command-injection risk.
Install Mechanism
note
There is no install spec (instruction-only + included Python files), which is low-risk. Minor oddity: a package.json file exists (Node-style) that lists 'Pillow' in dependencies; there is no requirements.txt or setup.py. This is inconsistent but not directly dangerous—users must still pip-install Pillow and ensure ffmpeg/ffprobe are installed separately.
Credentials
ok
The skill requests no environment variables or credentials. It accesses standard OS font paths to locate Chinese fonts, which is appropriate for its purpose and proportional to its functionality.
Persistence & Privilege
ok
The skill does not request persistent/always-on privileges and does not modify other skills or system-wide agent settings. It runs only when invoked.