OpenClaw Video Publisher
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill matches a video-publishing purpose, but it would use unreviewed external code and broad social-media credentials to bulk-publish or schedule public posts.
Review the external package before installing, test with non-production accounts, use narrowly scoped tokens, and require explicit confirmation before any batch or scheduled publishing. Be especially careful because this tool can post publicly on your behalf across multiple platforms.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the referenced package could run unreviewed code with access to your video files and publishing credentials.
The skill directs installation of external runnable code, but the submitted artifacts contain no implementation or install spec to review. Because that external code would handle credentials and public posting, the provenance gap is material.
npm install -g openclaw-video-publisher ... git clone https://github.com/ZhenRobotics/openclaw-video-publisher.git
Verify the npm package and GitHub repository before use, pin versions, inspect the source and lockfiles, and avoid giving production credentials until the implementation is trusted.
If the tool or credentials are misused, content could be published or account actions could be taken under your social-media identities.
The skill expects persistent platform credentials for multiple social-media accounts. These credentials are purpose-aligned, but they are high-impact and the registry metadata declares no primary credential or required environment variables.
"access_token": "your-access-token" ... "session_id": "your-session-id" ... "refresh_token": "your-refresh-token"
Use least-privilege platform credentials, separate test accounts where possible, restrict token scopes, rotate tokens after testing, and do not store production secrets in unreviewed configurations.
An agent could publish the wrong videos or metadata, or publish to the wrong platforms, in bulk, potentially creating public posts that are difficult to undo.
The documented workflow can bulk-publish every video in a directory with automatic retries. For public platforms, this is a high-impact mutation and the artifacts do not specify confirmation, preview, or bounded approval controls.
for video in "$VIDEO_DIR"/*.mp4; do ... ./publish.sh upload ... --platforms "$PLATFORMS" ... --retry
Require an explicit preview and user confirmation for each batch, platform list, title/description, and schedule before publishing.
A scheduled task could keep publishing content after the initial conversation unless the user knows how to find and disable it.
The skill explicitly suggests creating scheduled tasks that automatically invoke publishing. The artifacts do not describe expiration, cancellation, review, or visibility controls for those persistent actions.
User: "Publish the videos to all platforms every day at 6 p.m." Agent: creates a scheduled task that automatically invokes the publishing tool
Only create schedules with clear user approval, visible schedule records, an end date, and documented cancellation instructions.
