Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Viral Reels Creator
v1.0.0
Full-featured viral Reels creator and editor powered by ffmpeg. Use this skill whenever the user wants to create, edit, find, or produce viral Instagram Reel...
by Yash Kavaiya (@yash-kavaiya)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and included files (ffmpeg commands, caption templates, color grades, beat/scene detection scripts) are coherent with a viral Reels creator. However the metadata claims no required binaries or env vars while the SKILL.md explicitly instructs installation/use of ffmpeg and Python packages (opencv, librosa, etc.). The registry should have declared ffmpeg and Python dependencies; the mismatch is a notable inconsistency.
Instruction Scope
SKILL.md tells the agent to run system package installs (apt-get), pip installs (including --break-system-packages), run Python scripts and ffmpeg commands, inspect /mnt/user-data/uploads/, copy assets to /home/claude/, and write outputs to /mnt/user-data/outputs/. Those are valid for a local video tool, but they grant broad filesystem and package-management access and include example Python code that calls subprocess.run(..., shell=True). The instructions also assume host filesystem layout (paths like /mnt/user-data) which may be outside a user's expectations — this increases the potential impact if the agent runs autonomously.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs using apt-get and pip to install runtime dependencies. Because install steps are provided only as freeform instructions (not a vetted package spec), they rely on executing arbitrary system commands on the host. The pip install list (opencv-python, librosa, soundfile) and apt-get of ffmpeg are reasonable for functionality but should be run intentionally by the user in a controlled environment.
Credentials
The skill does not request environment variables, credentials, or external service tokens. All operations are local (ffmpeg, Python libs, file I/O). No declared need for secrets — that aligns with the stated purpose.
Persistence & Privilege
always:false (no forced inclusion) and model invocation is allowed (default). That means the agent could autonomously run the skill when eligible. Combined with the ability to run system commands and access host paths, autonomous invocation increases blast radius; however this is platform-default behavior and not unique to this skill.
What to consider before installing
This skill looks like a genuine ffmpeg-based reels editor, but it asks you (via SKILL.md) to run system package installs, run Python scripts that themselves may execute shell commands, and access host filesystem paths (/mnt/user-data, /home/claude). Before installing or allowing autonomous use:
1) Verify you trust the skill source (homepage unknown).
2) Inspect the full contents of the three scripts (scripts/*.py, batch-export.sh) for any network calls, unexpected shell exec, or writes outside intended output folders.
3) Run any apt-get/pip installs manually in a sandbox or container (not on a production host).
4) If you allow the agent to run this skill, restrict its runtime environment (chroot/container, limited filesystem mounts) so it only reads/uploads the folders you expect.
If you want, I can review the contents of the scripts (full source) and flag any suspicious network or credential usage in them.
Like a lobster shell, security has layers — review code before you run it.
