ClawHub

dy-video-to-text

v1.0.0

Extract speech-to-text from Douyin (TikTok China) videos, get watermark-free download links, and download videos. Use when user shares a Douyin link, asks to...

0· 249·1 current·1 all-time
byAiden@hljwwyy123
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description match the included Python scripts: parse, download, and transcribe Douyin videos. The only required env var is DASHSCOPE_API_KEY and it's only needed for the transcription script, which is consistent with the described Alibaba Cloud ASR integration. Requiring python3 is appropriate.
Instruction Scope
SKILL.md directs the agent to run the provided scripts and to install Python deps. The scripts only access network endpoints relevant to the task (Douyin share pages, Douyin CDN, and dashscope.aliyuncs.com) and either write a downloaded .mp4 (download script) or perform API calls for ASR. The instructions do not ask the agent to read or transmit unrelated local files or other credentials.
Install Mechanism
There is no packaged installer; install_deps.sh uses pip to install requests and dashscope from PyPI. This is a common, traceable mechanism but does modify Python site-packages (user or system) and pulls third-party code at install time — a moderate-risk action compared to instruction-only skills. No arbitrary download URLs or archived extracts are used.
Credentials
Only one credential (DASHSCOPE_API_KEY) is required and it is explicitly used for Alibaba Cloud's Dashscope ASR in the transcription script. Other scripts do not require or reference additional environment variables, so the requested credential is proportionate and justified.
Persistence & Privilege
Skill flags are default (always:false) and it does not request permanent presence or modify other skills or system-wide agent settings. Running the scripts will write downloaded video files to disk (expected behavior) but the skill does not install background services or persist beyond installed packages.
Assessment
This skill appears internally consistent, but take these practical precautions before installing or using it: 1) Only provide DASHSCOPE_API_KEY if you trust the source — that key is sent to Alibaba's dashscope.aliyuncs.com for transcription. 2) Review or run the code in a contained environment (virtualenv or ephemeral container) before installing dependencies globally — install_deps.sh uses pip to pull the dashscope package from PyPI. 3) Downloads write .mp4 files to disk; choose an appropriate output directory and be mindful of copyright/privacy when downloading content. 4) If you want extra assurance, inspect the installed dashscope package or use an account/credentials with limited scope/quota. If you want help reviewing any particular line or testing the scripts in a sandbox, I can assist.

Like a lobster shell, security has layers — review code before you run it.

latestvk977rfjrmzjcf5p91h6akhc00982jv7b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎬 Clawdis
OSLinux · macOS · Windows
Any binpython3
EnvDASHSCOPE_API_KEY
Primary envDASHSCOPE_API_KEY

Comments