Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Douyin Video Transcribe
v2.0.0
Douyin video transcription suite. Extract audio from Douyin/TikTok China videos, transcribe with Whisper, and analyze content. Supports video links, local fi...
⭐ 0 · 279 · 1 current · 1 all-time
by Don Li @don068589
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (fetch Douyin videos, extract audio, transcribe with Whisper) matches the instructions and the included code. However, the Python code also supports two cloud ASR backends (named sili_flow_api and dashscope_api) and tries to load API keys for them from user config files. Those cloud fallbacks are declared neither in the skill metadata nor in its required env vars. Supporting remote ASR providers is plausible, but saying nothing about the credentials or config they need is an inconsistency between what the skill declares and what its code does.
Instruction Scope
SKILL.md instructs the agent to use browser DOM extraction and to run curl/ffmpeg/docker/whisper, all reasonable for this task. But the shipped code reads configuration files from the user's home directory (~/.openclaw/skills/douyin-config.json and ~/.openclaw/config.json) to find API keys and temp paths. The README neither requires nor mentions these files, so the code will read user home config silently, which broadens the skill's runtime scope beyond what SKILL.md declares.
Install Mechanism
There is no install spec (instruction-only plus included scripts). If the local Whisper path is used, the code will start or create a Docker container from the image onerahmet/openai-whisper-asr-webservice:latest. Pulling and running an external image is expected for Whisper, but it carries extra risk here: the image comes from an individual namespace rather than an official vendor, the :latest tag is mutable so the code you pull can change between runs with no change to the skill itself, and the container runs third-party code under the host's Docker daemon, which on most installs is root-equivalent.
Credentials
The registry metadata declares no required env vars or credentials, but the code attempts to read API keys (sili_flow_api_key, dashscope_api_key) from user config files. It also reads a fallback ~/.openclaw/config.json which could contain unrelated settings or secrets. Requesting no credentials in metadata while reading user config for keys is disproportionate and surprising.
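To make the credential problem concrete, here is an added example (not code from the Douyin Video Transcribe skill or from ClawHub) that puts the flagged pattern beside a hardened one. `load_keys_silently` walks the two home-config paths named in the report and picks up any provider key it finds, with nothing declared to the user. `load_keys_declared` takes keys only from env vars the skill metadata declares, or from a config file the caller names explicitly, and rejects a file that carries keys the skill did not declare, so an unrelated global config cannot leak extra secrets into it. The `required_env` metadata layout, the env-var name `SILI_FLOW_API_KEY` and the sample config contents are assumptions constructed for the example.

```python
"""Flagged vs. hardened credential loading for a skill with cloud ASR fallbacks.

Added example; not the skill's own code. The metadata layout (`required_env`),
the env-var names and the config-file contents below are assumptions.
"""
import json
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

# Config keys the skill's code looks for, per the scan report.
PROVIDER_KEYS = ("sili_flow_api_key", "dashscope_api_key")


def load_keys_silently(home: Path) -> Dict[str, str]:
    """The behaviour the scan flags: parse undeclared home-config files and take
    any provider key found there. The whole file is parsed, including settings
    and secrets that have nothing to do with this skill."""
    found: Dict[str, str] = {}
    for rel in ("skills/douyin-config.json", "config.json"):
        cfg = home / ".openclaw" / rel
        if cfg.is_file():
            data = json.loads(cfg.read_text())
            for k in PROVIDER_KEYS:
                if k in data and k not in found:
                    found[k] = data[k]
    return found


def load_keys_declared(metadata: dict, environ: Dict[str, str],
                       explicit_config: Optional[Path] = None) -> Dict[str, str]:
    """Hardened variant: keys come only from declared env vars or from a file the
    caller names. Nothing under $HOME is read unless its path is passed in, and a
    file with undeclared keys is refused rather than silently mined."""
    declared: List[str] = metadata.get("required_env", [])  # assumed metadata field
    keys: Dict[str, str] = {}
    for var in declared:
        if var in environ:
            keys[var.lower()] = environ[var]  # SILI_FLOW_API_KEY -> sili_flow_api_key
    if explicit_config is not None:
        data = json.loads(explicit_config.read_text())
        unknown = set(data) - set(PROVIDER_KEYS)
        if unknown:
            raise ValueError(f"undeclared keys in {explicit_config}: {sorted(unknown)}")
        keys.update(data)
    return keys


def demo() -> dict:
    """Build a constructed ~/.openclaw tree in a temp dir and compare both loaders."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        (home / ".openclaw" / "skills").mkdir(parents=True)
        # Constructed skill-specific config: only a provider key.
        (home / ".openclaw" / "skills" / "douyin-config.json").write_text(
            json.dumps({"sili_flow_api_key": "file-key"}))
        # Constructed global config: a provider key next to an unrelated secret.
        (home / ".openclaw" / "config.json").write_text(
            json.dumps({"dashscope_api_key": "ds-test-key",
                        "github_token": "ghp-unrelated"}))
        metadata = {"required_env": ["SILI_FLOW_API_KEY"]}  # assumed declaration

        results["silent"] = load_keys_silently(home)
        results["declared_env_only"] = load_keys_declared(metadata, {})
        results["declared_with_env"] = load_keys_declared(
            metadata, {"SILI_FLOW_API_KEY": "env-key"})
        results["explicit_accepted"] = load_keys_declared(
            metadata, {}, home / ".openclaw" / "skills" / "douyin-config.json")
        try:
            load_keys_declared(metadata, {}, home / ".openclaw" / "config.json")
            results["explicit_rejected"] = False
        except ValueError:
            results["explicit_rejected"] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The silent loader returns both provider keys without the user ever naming either file; the declared loader returns nothing until the user sets the declared env var or passes a config path, and it refuses the global config outright because of the unrelated `github_token`.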
Persistence & Privilege
The skill does not request always:true and does not alter other skills. It will create a Docker container named 'whisper-asr' (persistent on the host) and write temporary files to a configured temp directory (default is a path under /path/to/temp/douyin or overridden in config). Those are reasonable for this functionality but represent persistent artifacts the user should be aware of.
What to consider before installing
This skill generally implements Douyin -> audio -> Whisper transcribe as advertised, but there are a few red flags to consider before installing or running it:
- It reads config files in your home directory (~/.openclaw/skills/douyin-config.json and ~/.openclaw/config.json) to find API keys and paths. Inspect those files first — the skill may access keys you did not intend to expose.
- The skill can fall back to cloud ASR providers if keys are present. Only provide API keys for providers you trust, and prefer explicit configuration instead of leaving keys in global config files.
- If using the local Whisper path the code will pull/run the Docker image onerahmet/openai-whisper-asr-webservice:latest. Treat that image as untrusted code: review its Docker Hub page, pin it by digest rather than relying on the mutable :latest tag, and run it in a sandboxed environment (VM/container) first.
- The skill creates a Docker container named 'whisper-asr' and writes temporary files. Clean up containers/files after use if you are concerned about persistence.
Recommended actions: review the included Python files, inspect any ~/.openclaw config for sensitive data, run the skill in an isolated environment if you will allow it to pull/run the Docker image, or modify the code to avoid loading home config files (or to require explicit credentials via a separately declared config) before use.
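A way to do the "review the included Python files" step mechanically, as an added example rather than anything ClawHub's scanner or the skill ships: parse each Python file with `ast` and report the two behaviours the report describes, string literals that point under the user's home or at `.openclaw`, calls that resolve the home directory, and Docker image references that carry a mutable tag with no `@sha256:` digest. The `SAMPLE_SOURCE` below is constructed to resemble the described code; the image name and config paths are the ones the report quotes, everything else (function bodies, variable names) is invented for the example.

```python
"""Static pre-install audit for a skill's Python sources.

Added example, not ClawHub or skill code. Finds home-config reads and unpinned
Docker image references. SAMPLE_SOURCE is constructed for the demonstration.
"""
import ast
import re
from typing import Dict, List

# Strings that resolve under the user's home or into the OpenClaw config tree.
HOME_CONFIG_RE = re.compile(r"^~/\.|\.openclaw|^\$HOME")
# A namespaced image reference with a tag (onerahmet/...:latest) and no digest.
# Only namespaced images are matched, to avoid flagging arbitrary "a:b" strings.
IMAGE_RE = re.compile(r"^[a-z0-9][a-z0-9._-]*/[a-z0-9._/-]+:[A-Za-z0-9._-]+$")
# Calls that turn a relative path into one under $HOME.
HOME_CALLS = {"os.path.expanduser", "Path.home", "pathlib.Path.home"}

# Constructed sample resembling the behaviour the scan report describes.
SAMPLE_SOURCE = '''
import json, os, subprocess
from pathlib import Path

CONFIG_PATHS = ["~/.openclaw/skills/douyin-config.json", "~/.openclaw/config.json"]
IMAGE = "onerahmet/openai-whisper-asr-webservice:latest"

def load_config():
    for p in CONFIG_PATHS:
        full = os.path.expanduser(p)
        if os.path.exists(full):
            return json.load(open(full))
    return {}

def start_whisper():
    subprocess.run(["docker", "run", "-d", "--name", "whisper-asr", IMAGE])
'''


def _dotted(node: ast.AST) -> str:
    """Render a.b.c from a nested Attribute/Name chain, or '' if it is not one."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def audit_source(src: str) -> Dict[str, List[str]]:
    """Walk the AST once and collect the three kinds of finding with line numbers."""
    tree = ast.parse(src)
    findings: Dict[str, List[str]] = {
        "home_config_reads": [], "home_dir_calls": [], "unpinned_images": []}
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            s = node.value
            if HOME_CONFIG_RE.search(s):
                findings["home_config_reads"].append(f"line {node.lineno}: {s}")
            elif IMAGE_RE.match(s) and "@sha256:" not in s:
                findings["unpinned_images"].append(f"line {node.lineno}: {s}")
        elif isinstance(node, ast.Call):
            name = _dotted(node.func)
            if name in HOME_CALLS:
                findings["home_dir_calls"].append(f"line {node.lineno}: {name}()")
    return findings


def needs_review(findings: Dict[str, List[str]]) -> bool:
    """True if any category has at least one hit."""
    return any(findings.values())


if __name__ == "__main__":
    result = audit_source(SAMPLE_SOURCE)
    for category, hits in result.items():
        for hit in hits:
            print(f"{category}: {hit}")
    print("needs review:", needs_review(result))
```

Run it over every `.py` file in the skill archive before installing; a hit in `home_config_reads` or `home_dir_calls` is exactly the undeclared scope the report describes, and a hit in `unpinned_images` is the mutable `:latest` reference that a digest pin would fix. It is a string-level check, so a path assembled at runtime from pieces will not be caught; treat a clean result as a reason to look closer, not as a pass.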
