subtitle-refiner
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill’s subtitle-refining purpose is coherent, but the code prints the full API key and full subtitle/API payloads to stderr, which could expose secrets and private transcript content in logs.
Review this skill carefully before installing. Its core function is understandable, but it should not print API keys or full subtitle contents to logs. Ask the publisher to remove or gate verbose logging, redact credentials, and correct the registry requirements before using it with real API keys or private subtitles.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can see the runtime logs could copy the API key and use the SiliconFlow account.
The script prints the complete SiliconFlow API key to stderr. API keys are credentials, and exposing them in logs can allow unauthorized use or billing charges.
print(f"🔑 认证: Bearer {SILICONFLOW_API_KEY}", file=sys.stderr)
(The label 认证 means "authentication"; the f-string interpolates the entire key into the log line.)
Do not install or run until the skill redacts secrets in logs, for example by printing only a short masked prefix/suffix or omitting the Authorization value entirely.
Private subtitle content may appear in system logs or debugging output where the user did not expect it.
The prompt and payload can include the full subtitle transcript, and the response can include refined subtitle text. Logging them in full creates an additional data exposure path beyond the disclosed API call.
# 打印消息内容(完整不截断) ... print(f"{content}", file=sys.stderr) ... print(json.dumps(payload, indent=2, ensure_ascii=False), file=sys.stderr)
(The comment reads "print message content (complete, not truncated)".)
Limit debug logging by default, avoid printing full prompts/responses for user files, and provide an explicit debug mode with clear privacy warnings.
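The two findings above (the key printed in the Bearer line, and full prompts and payloads dumped to stderr) call for the same fix. The following is an added example and is not code from the subtitle-refiner skill: it masks the credential, redacts the Authorization header unconditionally, truncates user content by default, and only prints full content when an explicit opt-in is set. The switch name SUBTITLE_REFINER_DEBUG, the header set, and the sample key, headers and payload are assumptions constructed for the example.

```python
# Added example (not code from the subtitle-refiner skill): a log-hygiene
# layer that masks the API key, redacts credential headers, and only logs
# full prompts/responses when an explicit debug flag is set.
import json
import os
import sys

REDACTED = "<redacted>"
SENSITIVE_HEADERS = {"authorization", "x-api-key", "cookie"}
# Assumed opt-in switch name; the skill itself does not define one.
DEBUG_ENV = "SUBTITLE_REFINER_DEBUG"


def mask_secret(secret, keep=4):
    """Masked form of a credential for logs: prefix/suffix only, never the whole value."""
    if not secret:
        return "<unset>"
    # Short values would leak most of their characters; mask them entirely.
    if len(secret) <= 2 * keep + 4:
        return "*" * len(secret)
    return f"{secret[:keep]}...{secret[-keep:]}"


def redact_headers(headers):
    """Copy of the request headers with credential-bearing values replaced."""
    return {k: (REDACTED if k.lower() in SENSITIVE_HEADERS else v)
            for k, v in headers.items()}


def truncate(text, limit=80):
    """Keep only the first `limit` characters of user content, noting how much was cut."""
    if len(text) <= limit:
        return text
    return text[:limit] + f"... [{len(text) - limit} more chars omitted]"


def debug_view(payload, headers, debug=False):
    """The dict that may be written to stderr. Headers are always redacted;
    message content is truncated unless debug is True."""
    view = {"headers": redact_headers(headers)}
    if debug:
        view["payload"] = payload
    else:
        view["payload"] = {
            "model": payload.get("model"),
            "messages": [
                {"role": m.get("role"), "content": truncate(m.get("content", ""))}
                for m in payload.get("messages", [])
            ],
        }
    return view


def log_request(payload, headers, debug=None):
    """Write the redacted view to stderr; full content only on explicit opt-in."""
    if debug is None:
        debug = os.environ.get(DEBUG_ENV) == "1"
    if debug:
        print(f"WARNING: {DEBUG_ENV}=1, full subtitle text and model responses "
              "will be written to stderr", file=sys.stderr)
    view = debug_view(payload, headers, debug)
    print(json.dumps(view, indent=2, ensure_ascii=False), file=sys.stderr)
    return view


# Constructed sample input: not a real key and not real subtitle data.
SAMPLE_KEY = "sk-exampleexampleexampleexample1234"
SAMPLE_HEADERS = {"Authorization": f"Bearer {SAMPLE_KEY}",
                  "Content-Type": "application/json"}
SAMPLE_PAYLOAD = {
    "model": "example-model",
    "messages": [{"role": "user",
                  "content": "1\n00:00:01,000 --> 00:00:04,000\n"
                             + "private subtitle line " * 10}],
}

if __name__ == "__main__":
    # What the skill's Bearer line should look like instead of the full key.
    print(f"auth: Bearer {mask_secret(SAMPLE_KEY)}", file=sys.stderr)
    log_request(SAMPLE_PAYLOAD, SAMPLE_HEADERS)
```

Run it with SUBTITLE_REFINER_DEBUG=1 to see the opt-in path; even then the Authorization value never reaches the log, only the subtitle content does, and the warning line makes that visible to whoever turned it on.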
The uploaded subtitle text and generated subtitle file may leave the local workspace and be processed or delivered by third-party services.
The skill discloses that subtitle content is processed through SiliconFlow and the optimized file is sent through Feishu. This is aligned with the stated purpose, but it is still an external data flow.
Endpoint: `https://api.siliconflow.cn/v1/chat/completions` ... 该脚本会将优化好的文件发送至飞书
(The second fragment reads "this script sends the optimized file to Feishu".)
Use this skill only for subtitle files you are comfortable sending to SiliconFlow and Feishu, and verify the intended Feishu chat before running.
Users may not notice before installation that the skill requires a Python runtime and a SiliconFlow API key.
The skill declares runtime and credential requirements in SKILL.md, while the supplied registry metadata lists no required binaries or environment variables. This is an under-declared setup requirement rather than proof of malicious behavior.
"requires": { "bins": ["python3"], "env": ["SILICONFLOW_API_KEY"] }, "primaryEnv": "SILICONFLOW_API_KEY"
Update the registry metadata to declare python3, SILICONFLOW_API_KEY, and any Python package requirements such as requests, so that it matches what SKILL.md already states.
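A practitioner who cannot rely on the registry metadata can still check the SKILL.md-declared requirements before running the script. The following preflight check is an added example, not part of the skill: it reads a "requires" block in the shape quoted above, with an extra "modules" key (an assumption of this example) for Python packages such as requests, and reports anything missing instead of letting the script fail mid-run.

```python
# Added example (not part of the subtitle-refiner skill): verify declared
# binaries, environment variables and Python modules before running.
import importlib.util
import os
import shutil
import sys

# Follows the SKILL.md snippet quoted above; "modules" is an extra key
# assumed by this example for Python package requirements.
REQUIRES = {
    "bins": ["python3"],
    "env": ["SILICONFLOW_API_KEY"],
    "modules": ["requests"],
}


def check_requirements(requires, environ=None):
    """Return the missing bins, env vars and modules as a dict of lists
    (all lists empty when every declared requirement is satisfied)."""
    environ = os.environ if environ is None else environ
    return {
        "bins": [b for b in requires.get("bins", []) if shutil.which(b) is None],
        "env": [e for e in requires.get("env", []) if not environ.get(e)],
        "modules": [m for m in requires.get("modules", [])
                    if importlib.util.find_spec(m) is None],
    }


def is_satisfied(missing):
    """True when no category has a missing entry."""
    return not any(missing.values())


if __name__ == "__main__":
    missing = check_requirements(REQUIRES)
    if not is_satisfied(missing):
        for kind, names in missing.items():
            for name in names:
                print(f"missing {kind}: {name}", file=sys.stderr)
        sys.exit(1)
    print("all declared requirements present", file=sys.stderr)
```

Checking env vars with a truthiness test rather than mere presence catches the common case of an exported but empty SILICONFLOW_API_KEY, which would otherwise produce a confusing 401 from the API instead of a clear local error.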
