萤火虫多媒体设计助手 (Firefly Multimedia Design Assistant)

Security checks across malware telemetry and agentic risk

Overview

This skill’s network use, local file output, dependency checks, and media-generation helpers fit its stated purpose of creating news podcast packages, though users should understand it may use third-party services and configured API keys.

Install only if you are comfortable with a news-podcast skill using network search, external AI/TTS/image services, local media tools, and configured API keys. Review your OpenClaw provider settings first, avoid sensitive or confidential text, and prefer a controlled dependency install environment if using the optional package installer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
for pkg_name, install_cmd in packages:
    print(f"    {pkg_name}...", end=" ")
    try:
        subprocess.check_call(
            [sys.executable, "-m", "pip", "install", pkg_name],
            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
            timeout=300,
Confidence
88% confidence
Finding
subprocess.check_call( [sys.executable, "-m", "pip", "install", pkg_name], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, timeout=300

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def check_edge_tts_cli():
    """Check if edge-tts CLI is available."""
    try:
        r = subprocess.run(
            ["edge-tts", "--version"], capture_output=True, text=True, timeout=10,
            shell=(sys.platform == "win32")
        )
Confidence
84% confidence
Finding
r = subprocess.run( ["edge-tts", "--version"], capture_output=True, text=True, timeout=10, shell=(sys.platform == "win32") )

subprocess module call

Medium
Category
Dangerous Code Execution
Content
        pass
    # Try python -m edge_tts
    try:
        r = subprocess.run(
            [sys.executable, "-m", "edge_tts", "--help"], capture_output=True, text=True, timeout=10,
            shell=(sys.platform == "win32")
        )
Confidence
72% confidence
Finding
r = subprocess.run( [sys.executable, "-m", "edge_tts", "--help"], capture_output=True, text=True, timeout=10, shell=(sys.platform == "win32") )

subprocess module call

Medium
Category
Dangerous Code Execution
Content
"""Check if ffmpeg and ffprobe are available."""
    for tool in ["ffmpeg", "ffprobe"]:
        try:
            r = subprocess.run(
                [tool, "-version"], capture_output=True, text=True, timeout=10,
                shell=(sys.platform == "win32")
            )
Confidence
86% confidence
Finding
r = subprocess.run( [tool, "-version"], capture_output=True, text=True, timeout=10, shell=(sys.platform == "win32") )

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The script sends user-provided text to Edge TTS, which is a cloud-backed service, but this network/data egress behavior is not obvious from the skill metadata. In a creative toolkit, users may input product copy, internal scripts, or sensitive business text that is then transmitted to a third party without clear disclosure or consent.

VirusTotal

65/65 vendors flagged this skill as clean.