Oathe Security Badge

Is adminlove520/movie-subtitle-viewer safe?

https://clawhub.ai/adminlove520/movie-subtitle-viewer

92
SAFE

This skill appears to be a legitimate tool for downloading and processing movie subtitles from OpenSubtitles API. While it requires API credentials and contains executable code, all functionality matches its documentation and no malicious behavior was detected during monitoring.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (4)

MEDIUM External API credentials required -10

Skill requires OpenSubtitles API credentials stored in environment variables. While used legitimately, this creates potential for credential misuse if skill were compromised.

LOW Executable Python code present -5

Skill contains Python scripts for subtitle processing. Code appears legitimate but creates execution risk.

LOW External network connections -5

Skill connects to OpenSubtitles API and downloads content. Connections are documented and appear legitimate.

INFO Content influence on AI responses -5

By design, skill downloads subtitle content that will be processed by AI, potentially influencing responses. This appears to be intended functionality.