Skill v0.1.0
ClawScan security
Huo15 Comic Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 24, 2026, 4:24 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code is coherent with a video-generation purpose (calls a remote Ark API and writes outputs), but the package metadata and SKILL.md omit a required credential (ARK_API_KEY) and do not disclose network/data-sending behavior or cost implications — this mismatch is concerning.
- Guidance: Before installing or running this skill, note:
  1. The bundled code will call a remote Volcengine/Ark API and will upload your local frame images (they are base64-encoded and sent). Do not point frame-dir to any sensitive images you don't want uploaded.
  2. The code requires an ARK_API_KEY environment variable at runtime but the skill metadata/SKILL.md do not declare this — you should only provide that key if you trust the provider.
  3. The tool writes .checkpoint.json and .cost.json to the project parent directory and will download video and last-frame assets to disk.
  4. The workflow incurs real cloud cost; confirm cost_cap and pricing before running.
  Recommended actions: ask the publisher to update metadata and SKILL.md to list required env vars (ARK_API_KEY) and endpoints, run the skill in an isolated environment, audit the API key permissions and billing limits, and review the provider's privacy/terms for uploaded content.
Review Dimensions
- Purpose & Capability (note): The code implements Seedance 2.0 image→video workflows against a Volcengine/Ark endpoint, which matches the skill name/description. However, the skill registry declares no required env vars or credentials even though ark_api.ArkClient requires ARK_API_KEY at runtime. That omission is an inconsistency between stated metadata and actual capability.
- Instruction Scope (note): SKILL.md shows running scripts/video.py with local script/frame dirs and out dir — the runtime instructions are narrowly scoped to generate videos. The code will read local frame image files (base64-encode and upload them), post prompts and image data to the Ark API, download video/last-frame URLs, and write video files and checkpoint/cost files to disk. The instructions do not mention the required API key, that images will be transmitted, nor the remote endpoints, which is a transparency gap.
- Install Mechanism (ok): No install spec — this is an instruction+bundled-Python-scripts skill. No external archive downloads or package installs are requested, which keeps install risk low.
- Credentials (concern): The code requires an ARK_API_KEY environment variable (ArkClient.__init__ raises if absent), but the skill metadata lists no required env vars or primary credential. Additionally, config.py references other third-party endpoints (kling, sunoapi) and models; while not directly invoked by this script, their presence increases surface area for credential requirements in related scripts. The missing declaration of ARK_API_KEY and the lack of explicit guidance about what credentials are needed is disproportionate.
- Persistence & Privilege (ok): The skill writes outputs (MP4s, last_frames) and state files (.checkpoint.json and .cost.json) into the provided output/project directories for resumability — this is expected behavior for a pipeline tool. always:false and normal autonomous invocation are used.
