Video to GIF
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to locally convert user-provided videos to GIF/WebP with ffmpeg; the main cautions are using a trusted ffmpeg install and choosing an output path that is safe to overwrite.
This skill is reasonable for local video-to-GIF/WebP conversion. Before using it, make sure ffmpeg and ffprobe are installed from a trusted source, provide only videos you intend to process, and choose an output filename that is safe to create or overwrite.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the output path already exists, it may be overwritten during conversion.
The skill invokes ffmpeg as a local external tool and passes the selected output path with ffmpeg's overwrite flag. This is expected for video conversion, but it means the output path should be chosen intentionally.
subprocess.run(cmd, check=True) ... "ffmpeg", "-y", ... str(args.output)
Use an explicit output path in a safe working folder and avoid naming important existing files as the output.
The skill will fail unless ffmpeg and ffprobe are already installed, and it will use whichever versions are available on PATH.
The required system binaries are disclosed in the instructions, but the registry metadata lists no required binaries and there is no install spec, so this dependency may not be visible before use.
The script requires `ffmpeg` and `ffprobe` on PATH. If missing, tell the user the dependency is absent and do not attempt risky system installation without confirmation.
Install ffmpeg/ffprobe from a trusted source and consider updating the skill metadata to declare these binaries as requirements.