Accompaniment Extractor
Pass. Audited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill
Name: accompaniment-generator
Version: 1.0.0

The skill provides legitimate audio separation functionality but employs high-risk execution patterns. Specifically, `scripts/get_accompaniment.py` invokes `yt-dlp` with the `--remote-components ejs:github` flag, which allows the tool to fetch and execute remote code from GitHub. The script also requests sensitive YouTube session cookies for authentication and utilizes external runtimes (Deno) for signature decryption. While these features are often used to bypass YouTube's bot detection, they represent a significant attack surface for remote code execution and credential handling.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a cookies file is present, the tool may use logged-in YouTube account session data to download media. The artifacts do not show cookie exfiltration, but the access is sensitive.
The script can use a default YouTube cookies file even when the user does not pass --cookies for that run. YouTube/Google cookies are sensitive session material, and the registry metadata declares no primary credential or required config path.
default_cookies = os.path.expanduser("~/.yt-dlp/cookies.txt")
if os.path.exists(default_cookies):
    cmd.extend(['--cookies', default_cookies])
Declare the cookie requirement in metadata, require explicit user approval before using cookies, avoid automatic default-cookie use, and recommend a limited/separate account or deleting/revoking cookies after use.
A download operation may rely on remote components that were not packaged or reviewed with the skill, increasing supply-chain risk.
The yt-dlp command enables remote components from GitHub. This is not clearly disclosed in SKILL.md and appears unpinned, so runtime behavior may depend on remote code/components outside the reviewed artifact set.
'--remote-components', 'ejs:github',
Avoid remote runtime components by default, pin and document any required remote source, or vendor/audit the needed component as part of the skill package.
The skill will execute local media-processing and download tools, consuming CPU, disk, and network resources.
The script runs local tools such as yt-dlp, ffmpeg, and demucs. This is central to the skill’s audio-processing purpose and uses argument arrays rather than shell=True, but it is still local command execution users should expect.
subprocess.run(cmd, capture_output=True, text=True, timeout=180)
...
subprocess.run(cmd, capture_output=True, text=True, timeout=600)
Run it in a controlled environment, review command arguments before use, and install dependencies from trusted sources.
Users may install the wrong dependency or misunderstand the actual model/output behavior.
README.md describes Spleeter and WAV output, while SKILL.md and the script describe Demucs and MP3 output. This inconsistency may mislead users about what will be installed and run.
Audio source separation based on the [spleeter](https://github.com/deezer/spleeter) deep learning model
Update documentation so README.md, SKILL.md, metadata, and the script consistently describe the same dependencies, model, and output format.
