Skill v1.2.0
ClawScan security
AI UGC Video Pipeline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 6, 2026, 11:14 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The SKILL.md describes a plausible UGC video pipeline and requests appropriate API keys, but the package metadata contradicts those requirements and the runtime instructions reference scripts and binaries that are not present in the skill bundle — this mismatch is a significant coherence concern.
- Guidance: Do not install or supply API keys to this skill as-is. The SKILL.md expects npm/node scripts and a Python overlay but the package contains only the README — that is a coherence failure. Before proceeding, ask the publisher for the source repository or a packaged release that includes the referenced scripts and a verified install spec. If you must test it: (1) run in an isolated sandbox or VM, (2) use ephemeral or least-privilege API keys (scoped service accounts and low quotas), (3) inspect all scripts for unexpected network calls or filesystem access, and (4) confirm the meaning of the 'uv' binary and any cross-skill dependencies. If the author can't provide code or a trustworthy source URL/homepage, treat the skill as incomplete and avoid handing over real credentials.
Review Dimensions
- Purpose & Capability
- concern: The described purpose (GPT → ElevenLabs → fal.ai Aurora/Kling → Whisper → ffmpeg) legitimately requires FAL_KEY, ELEVENLABS_API_KEY, OPENAI_API_KEY and binaries like node and ffmpeg; the SKILL.md lists those. However the registry metadata at the top of the submission indicates no required env vars or binaries — a direct inconsistency between what the skill claims to need and what the package declares. The stated purpose itself aligns with the APIs named, but the metadata/manifest mismatch is suspicious.
- Instruction Scope
- concern: The runtime instructions tell the agent to run npm install and multiple node scripts (generate.js, broll.js, transcribe_captions.js) and a Python overlay.py, and to call external APIs (fal.ai, ElevenLabs, OpenAI). Those calls are expected for this pipeline. Crucially, the skill bundle contains only SKILL.md and no code files or scripts referenced by the instructions — so the instructions cannot be executed as-is from this package. The doc also references a binary named 'uv' (unclear meaning) and a cross-skill dependency (skill-tiktok-ads-video) which are not further explained.
- Install Mechanism
- concern: There is no install spec in the registry (instruction-only), which normally lowers risk. But SKILL.md instructs running npm install and node scripts as if code were included. Because no code or install artifacts are present in the package, the instructions either assume an external repository or are incomplete/misleading. That mismatch (no install vs. instructions that require package installation) is a red flag.
- Credentials
- concern: The environment variables required by SKILL.md (FAL_KEY, ELEVENLABS_API_KEY, OPENAI_API_KEY) are proportional to the stated integrations and are reasonable for this task. The concern is that the registry metadata declares no required env vars or primary credential while the SKILL.md explicitly requires three API keys. This disparity means automated permission checks or prompts could be incorrect; users might unknowingly provide keys to an unknown/unsigned skill.
- Persistence & Privilege
- ok: The skill is not set always:true and does not request system config paths or other skills' credentials. It is user-invocable and allows model invocation (platform defaults). No evidence it requests persistent presence or modifies other skills.
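The three findings above (Instruction Scope, Install Mechanism, Credentials) are all instances of one check: do the env vars, binaries, install steps and scripts that SKILL.md asks for agree with what the registry metadata declares and with the files actually shipped? The script below is an added example of that check written from the reviewer's side; it is not ClawHub's scanner and not the skill's code. It assumes a hypothetical metadata shape (`{"requires": {"env": [...], "bins": [...]}, "install": ...}`) and that SKILL.md writes its commands as `$ `-prefixed lines; the SKILL.md text, metadata and bundle listing are constructed from the page's description, not the real submission. It also includes the "inspect scripts for unexpected network calls or filesystem access" step from the Guidance as a source-level flagger for whichever scripts are present.

```python
"""Coherence check for a skill bundle: does SKILL.md agree with the registry
metadata and with the files actually shipped?  Added example with a hypothetical
metadata shape; not ClawHub's scanner and not the skill's own code."""
import re

# Constructed SKILL.md modeled on the page's description of the skill (not the real file).
SAMPLE_SKILL_MD = """\
# AI UGC Video Pipeline

Script with GPT, voice with ElevenLabs, B-roll with fal.ai Aurora/Kling,
captions with Whisper, final assembly with ffmpeg.

Set `FAL_KEY`, `ELEVENLABS_API_KEY` and `OPENAI_API_KEY` in the environment, then run:

    $ npm install
    $ node generate.js
    $ node broll.js
    $ node transcribe_captions.js
    $ uv run overlay.py
    $ ffmpeg -i raw.mp4 -vf subtitles=captions.srt final.mp4
"""

# Constructed registry metadata as the scan reports it: nothing declared, no install spec.
# The "requires"/"install" keys are an assumed shape, not a documented ClawHub format.
SAMPLE_METADATA = {"requires": {"env": [], "bins": []}, "install": None}

# Constructed bundle listing: the page says only SKILL.md is shipped.
SAMPLE_BUNDLE = {"SKILL.md": SAMPLE_SKILL_MD}

# Constructed node snippet used to exercise the script flagger (not from the skill).
SAMPLE_NODE_SCRIPT = """\
const { exec } = require("child_process");
const res = await fetch("https://example.invalid/collect", { method: "POST" });
exec("ffmpeg -version");
"""

ENV_RE = re.compile(r"\b([A-Z][A-Z0-9_]*_(?:KEY|TOKEN|SECRET))\b")
SCRIPT_RE = re.compile(r"^[\w./-]+\.(?:js|mjs|cjs|py|sh)$")
INSTALL_CMDS = {("npm", "install"), ("npm", "ci"), ("pip", "install"), ("uv", "sync"), ("uv", "pip")}
# Constructs a reviewer should read before trusting a script: process spawning,
# dynamic code, outbound HTTP, file access.
RISKY_RE = re.compile(
    r"\b(child_process|subprocess|os\.system|eval\(|exec\(|fetch\(|https?\.request"
    r"|fs\.(?:writeFile|readFile)|requests\.\w+)"
)


def commands(skill_md):
    """Return the shell commands SKILL.md tells the agent to run, as token lists."""
    return [ln.strip()[2:].split() for ln in skill_md.splitlines() if ln.strip().startswith("$ ")]


def scan_script(src):
    """Distinct risky constructs in a script, in source order; empty means nothing flagged."""
    seen = []
    for m in RISKY_RE.finditer(src):
        if m.group(1) not in seen:
            seen.append(m.group(1))
    return seen


def check_coherence(skill_md, metadata, bundle):
    """Compare what SKILL.md demands with what the metadata declares and the bundle ships."""
    cmds = commands(skill_md)
    required_env = set(ENV_RE.findall(skill_md))
    required_bins = {c[0] for c in cmds if c}
    scripts = sorted({tok for c in cmds for tok in c[1:] if SCRIPT_RE.match(tok)})
    declared_env = set(metadata.get("requires", {}).get("env", []))
    declared_bins = set(metadata.get("requires", {}).get("bins", []))
    needs_install = any(tuple(c[:2]) in INSTALL_CMDS for c in cmds)
    report = {
        "undeclared_env": sorted(required_env - declared_env),
        "undeclared_bins": sorted(required_bins - declared_bins),
        "missing_scripts": [s for s in scripts if s not in bundle],
        "install_mismatch": needs_install and metadata.get("install") is None,
        # Flags are for manual review and do not change the verdict on their own.
        "script_flags": {n: scan_script(src) for n, src in bundle.items() if SCRIPT_RE.match(n)},
    }
    mismatched = (report["undeclared_env"] or report["undeclared_bins"]
                  or report["missing_scripts"] or report["install_mismatch"])
    report["verdict"] = "suspicious" if mismatched else "ok"
    return report


if __name__ == "__main__":
    import json
    print(json.dumps(check_coherence(SAMPLE_SKILL_MD, SAMPLE_METADATA, SAMPLE_BUNDLE), indent=2))
```

On the constructed input the report lists all three API keys and all four binaries as undeclared, all four scripts as missing, and flags the install mismatch, which is exactly the pattern the scanner describes. The same check returns "ok" once the metadata declares what SKILL.md uses and the bundle contains the referenced files, so it doubles as the acceptance test to run against a corrected release from the publisher before any real credentials are handed over.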
