Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
maple-video2article
v1.0.5从视频生成图文并排的文章(md格式)。支持本地视频文件或在线视频URL(自动下载),自动完成文本提取、视频帧截取、时间轴匹配、文章撰写全流程。
⭐ 0· 121·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the included scripts: downloader, speech->text (faster-whisper), frame capture, and timeline matcher. However the top-level metadata only declares python3 while the code actually requires many additional tools (yt-dlp, ffmpeg/ffprobe or imageio-ffmpeg, OpenCV, faster-whisper, av, opencc, etc.) which are not declared as required binaries or env. Network downloads (videos and Whisper models) and subprocess use are intrinsic to the stated purpose, but the manifest under-reporting of dependencies is a mismatch.
Instruction Scope
SKILL.md instructs the agent to download remote videos, run local scripts that read files under workspace paths, parse SRTs, capture frames, and generate markdown. These actions align with the stated goal. It does instruct reading arbitrary user-provided URLs and using a built-in web reader; that implies fetching and processing untrusted external content and following web content — expected for the task but worth flagging as it increases attack surface. The SKILL.md also contains detected unicode-control-chars (possible prompt-injection attempt) which is suspicious.
Install Mechanism
There is no install spec; the package includes runnable Python scripts that expect many third‑party Python packages and external binaries. The skill will attempt to download Whisper models at runtime and the downloader uses yt-dlp which itself fetches remote content. Because there is no declared install mechanism, dependency installation and binary availability are left to the environment — increasing the chance of runtime failures or unexpected network activity. No arbitrary remote code download URL for code is present, but model/data downloads occur at runtime.
Credentials
The skill does not request environment variables, credentials, or config paths. The scripts operate on local files, temporary directories, and may create a local 'models' directory — these are proportional to the described function. There is no request for unrelated secrets or tokens.
Persistence & Privilege
The skill is not marked always:true and does not attempt to alter other skills or global agent settings. It will download model files and write output files to disk (expected). Autonomous invocation (disable-model-invocation:false) is the default and not itself a red flag here.
Scan Findings in Context
[unicode-control-chars] unexpected: Detected control/unicode characters in SKILL.md that can be used for prompt-injection or to obfuscate instructions. This is not necessary for a video->article skill and should be inspected manually. No other automated scan findings were reported in the provided data.
What to consider before installing
This skill appears to implement the advertised workflow (download video, transcribe, capture frames, match timeline, and compose a markdown article) but take these precautions before installing or running it:
- Dependency checklist: ensure your environment has Python 3 and install the required system packages and Python modules used by the scripts (yt-dlp, ffmpeg/ffprobe or imageio‑ffmpeg, opencv-python-headless, faster-whisper + its model files, av, opencc, etc.). The package does not declare these at the top level, so installation is manual.
- Network activity: expect the skill to download remote videos and to fetch Whisper model files on first run. If you need to avoid network downloads or large model pulls, do not run it or prepare an offline environment with models preinstalled.
- Inspect files: review the included Python scripts (video_downloader.py, video_to_text.py, video_frame_capture.py, timeline_matcher.py) yourself — they run subprocesses and write/delete files. There is no evidence of exfiltration endpoints, but local file I/O and subprocess calls are present and should be reviewed if you have sensitive data on the same host.
- Prompt-injection artifact: SKILL.md contains unicode control characters flagged by the scanner. Open SKILL.md and the other text files in a plain text editor, remove or examine any invisible characters, and ensure instructions are as expected before granting the skill authority to run.
- Run in isolation: run the skill in a sandboxed or isolated environment (VM, container, or dedicated account) the first time to observe behavior, disk writes, and network calls.
- Legal/licensing: using yt-dlp and downloading videos may raise copyright or ToS issues depending on content and jurisdiction — ensure you have rights to download and repurpose the videos.
If you want, I can: (1) list the exact pip/system packages to install for these scripts, (2) highlight the exact places in the code that perform network or subprocess calls, or (3) show how to run the scripts safely inside a temporary container.Like a lobster shell, security has layers — review code before you run it.
latestvk9765jdhvpnd1wp1wsbe5ybnqn84dbcs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📝 Clawdis
Binspython3