Low Risk — Risk Score 22/100
Last scan: 20 hr ago
hair-cam-anno
Annotation tool for surveillance camera video VL model fine-tuning datasets
A legitimate video annotation tool that processes surveillance camera footage for VL model fine-tuning, using subprocess for ffmpeg/ffprobe which is necessary and appropriate but not declared in SKILL.md.
Skill Name: hair-cam-anno
Duration: 32.0s
Engine: pi
Verdict: Safe to install
Recommendation: Declare the use of subprocess (shell:WRITE) and filesystem WRITE permissions in SKILL.md. Consider removing the hardcoded /root/hair-cam path reference from the usage description.

Findings (3 items)

Each finding lists severity, title, category, description, evidence, recommendation and location.

Medium: Undeclared subprocess shell execution (Doc Mismatch)
SKILL.md presents the tool as running Python scripts only, but extract_frames.py internally invokes ffmpeg and ffprobe via subprocess.run. This shell:WRITE capability is not declared in the skill description.
Evidence: result = subprocess.run(cmd, capture_output=True, text=True)
→ Update SKILL.md to declare shell:WRITE for ffmpeg/ffprobe subprocess execution
Location: scripts/extract_frames.py:48

Low: Hardcoded sensitive path reference in description (Doc Mismatch)
The SKILL.md description explicitly references the '/root/hair-cam' directory containing surveillance video data, implying access to a sensitive personal path. This is not declared as a capability but is baked into the usage context.
Evidence: Processes video data under the /root/hair-cam directory
→ Remove hardcoded path references from the SKILL.md description; use a generic placeholder such as '<video directory>' instead
Location: SKILL.md:1

Low: Filesystem WRITE not declared (privilege_escalation)
Both scripts write output files (frame images, manifest.json, dataset.jsonl) to disk, but SKILL.md only implies READ access. This is a minor mismatch, as the file writes are necessary for the tool's core function.
Evidence: Use when the user needs to annotate surveillance camera video and generate a VL model training dataset
→ Declare filesystem:WRITE in the capability map
Location: SKILL.md:1
Capability map

Resource     | Declared | Inferred | Status      | Evidence
Shell        | NONE     | WRITE    | ✗ Violation | scripts/extract_frames.py:48-49, 66-69 (subprocess.run calls to ffmpeg/ffprobe)
Filesystem   | READ     | WRITE    | ✗ Violation | scripts/extract_frames.py:47 (writes frame images to output_dir); scripts/build_…
Network      | NONE     | NONE     | OK          | No network activity found
Environment  | NONE     | NONE     | OK          | No environment variable access
Skill Invoke | NONE     | NONE     | OK          | No skill invocation
Clipboard    | NONE     | NONE     | OK          | No clipboard access
Browser      | NONE     | NONE     | OK          | No browser usage
Database     | NONE     | NONE     | OK          | No database access

File Tree

5 files · 18.3 KB · 493 lines
Python: 2 files · 302 lines; Markdown: 3 files · 191 lines
├─ 📁 references
│ ├─ 📝 labels-reference.md Markdown 47L · 2.6 KB
│ └─ 📝 system-prompt.md Markdown 65L · 2.5 KB
├─ 📁 scripts
│ ├─ 🐍 build_jsonl.py Python 192L · 6.9 KB
│ └─ 🐍 extract_frames.py Python 110L · 3.7 KB
└─ 📝 SKILL.md Markdown 79L · 2.6 KB

Security Positives

✓ No network requests or external communication detected
✓ No credential harvesting or environment variable enumeration
✓ No obfuscation, base64-encoded execution, or anti-analysis techniques
✓ No remote script execution (curl|bash, wget|sh)
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No persistence mechanisms (cron, startup hooks, backdoors)
✓ No prompt injection or LLM manipulation
✓ No malicious dependencies — no package files present
✓ subprocess usage is limited to standard CLI tools (ffmpeg, ffprobe) which is necessary and appropriate for video processing