Openclaw Skills
Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: veezvg-episode-to-instagram
Version: 1.0.1
The skill bundle provides a legitimate end-to-end pipeline for converting video episodes into Instagram content using ffmpeg, OpenAI's Whisper API, and Playwright-based browser automation. The scripts (transcribe.sh, post-to-instagram.js, etc.) are well-documented, align strictly with the stated purpose in SKILL.md, and include safety features such as mandatory user approval steps and preview screenshots before publishing. No evidence of data exfiltration, malicious persistence, or harmful prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed input path/content plan could cause the helper to run commands on the user's machine when extracting frames.
The script interpolates shell variables directly into a Python program passed to python3 -c. Timestamp JSON and file paths are supplied at runtime, so crafted values containing quotes or Python syntax could break out of the intended string and execute unintended local code.
python3 -c "... timestamps = json.loads('''$TIMESTAMPS_JSON''')\nvideo = '$VIDEO_FILE'\nframes_dir = '$FRAMES_DIR' ..."
Do not embed runtime data into Python source strings. Pass JSON and paths through files, stdin, argv, or environment variables, then parse them safely; also validate/sanitize timestamp objects before running ffmpeg.
If approved or run with the posting flag, the skill can publish content to the logged-in Instagram account.
The skill intentionally controls a browser to upload media and publish Instagram posts/Reels. This is disclosed and approval-gated, but it is still high-impact account automation.
Uses `openclaw browser` to: ... Upload the staged media ... Enter the caption text ... Screenshot the preview for final confirmation ... Only post after explicit approval
Use dry-run/preview first, review the exact media and caption, and only approve posting when the target account and content are correct.
Episode audio is sent to OpenAI for transcription, and the logged-in Instagram account is used to create drafts or posts.
The skill uses an OpenAI API key for transcription and a logged-in Instagram browser session for posting. These credentials are purpose-aligned and disclosed, but the registry metadata lists no required credentials or env vars.
`OPENAI_API_KEY` for `scripts/transcribe.sh` ... `openclaw browser` for the Instagram draft flow ... an Instagram session already logged into the OpenClaw browser profile
Use a dedicated or least-privilege account/session where possible, confirm you are comfortable sending the episode audio to OpenAI, and set API keys only in the intended shell environment.
Running npm install may execute dependency install logic or fetch/build native components.
The optional slide-generation dependency is pinned in the lockfile but uses a native install/prebuild path. The README makes npm install user-directed, so this is a supply-chain notice rather than hidden installation behavior.
"node_modules/canvas": { "version": "3.2.3", ... "hasInstallScript": true, ... "prebuild-install": "^7.1.3" }
Install dependencies only from a trusted network/environment, keep the lockfile intact, and avoid running npm install if you do not need local carousel rendering.
