gemini video analyze
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can make requests billed or governed under the user's Google API account.
The skill uses a Google/Gemini API key, which is expected for calling Gemini, but users should recognize that it relies on their Google API credential.
api_key = cli_api_key or os.getenv("GEMINI_API_KEY") or os.getenv("GOOGLE_API_KEY")Use a dedicated, least-privileged Gemini API key if possible, and avoid passing the key on the command line where shell history may retain it.
Google Gemini will receive the video URL and the user's analysis prompt.
The script sends the provided video URL and prompt to the Gemini provider for analysis. This is central to the skill's purpose, but it is still an external data flow.
response = client.models.generate_content(model=args.model, contents=contents)
Only use public video URLs as documented, and do not include confidential information in prompts unless that use is acceptable under your Google/Gemini data policy.
A user may need to install the Google GenAI package manually before the script works.
The dependency is not installed automatically and is expected for Gemini access, but it is not captured in an install specification or pinned version.
"Missing dependency 'google-genai'. Install it with: pip install google-genai"
Install dependencies from trusted package indexes and consider pinning a known-good google-genai version in environments that require reproducibility.