Is vimeo safe?

https://clawhub.ai/byungkyu/vimeo

Overall score: 72 · CAUTION

This Vimeo API skill is a legitimate integration that provides Vimeo access through Maton's third-party OAuth gateway. The primary risk is not malicious intent but rather the significant trust delegation required: all API traffic and OAuth tokens are proxied through Maton's infrastructure (gateway.maton.ai and ctrl.maton.ai), giving the third party persistent access to user Vimeo accounts. The skill contains no malicious code or hidden payloads and has clean install behavior, but the cross-reference to a broader 'api-gateway' skill and the extensive executable Python code examples warrant caution.

Category Scores (score out of 100 · weight in overall score)

Prompt Injection 70/100 · 30%
Data Exfiltration 60/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 55/100 · 5%

Findings (7)

HIGH All API traffic proxied through third-party gateway -25

Every Vimeo API call is routed through gateway.maton.ai instead of directly to api.vimeo.com. This gives the Maton service complete visibility into all API requests, responses, and the user's OAuth tokens. The gateway 'automatically injects your OAuth token,' meaning Maton holds and manages the user's Vimeo credentials.

HIGH Third-party control plane manages OAuth connections -15

OAuth connection lifecycle (create, list, delete) is managed through ctrl.maton.ai, a separate Maton-controlled service. Users must trust Maton with persistent access to their Vimeo account via stored OAuth tokens. There is no way to verify what Maton does with these tokens server-side.

MEDIUM Cross-skill reference to api-gateway skill -20

The skill description contains a direct reference and URL to another skill ('api-gateway'), encouraging agents to install additional skills. This creates a skill-chaining vector where trust in the Vimeo skill could lead to installation of a broader API gateway skill with wider access.

MEDIUM Behavioral directive in notes section -10

The 'IMPORTANT' note about environment variable expansion subtly influences agent behavior regarding shell execution patterns. While seemingly helpful, it could steer agents toward specific execution methods.

MEDIUM Executable Python code snippets throughout documentation -25

The skill contains numerous copy-paste-ready Python code blocks using heredoc execution (python <<'EOF'). While these are documentation examples rather than auto-executing code, an LLM agent is likely to execute them directly, sending the MATON_API_KEY to external servers.

LOW Installer reads sensitive dotfiles during installation -10

The OpenClaw installer framework reads .env, .aws/credentials, .profile, .bashrc, and auth-profiles.json during skill installation. While this appears to be framework behavior rather than skill-specific, it demonstrates the sensitive file access that occurs during the install process.

INFO Legitimate use case with significant trust delegation -45

The skill provides a legitimate Vimeo API integration, but the architecture requires users to delegate significant trust to Maton's infrastructure. Users must accept that a third party will hold their Vimeo OAuth tokens and proxy all API traffic. This is a design choice, not a vulnerability, but users should be aware of the trust implications.