dy-video-to-text

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to do what it says, but users should be aware that it installs Python packages, contacts Douyin and Alibaba Cloud, uses an Alibaba Cloud API key for transcription, and can save videos locally.

Install only if you are comfortable running the included Python scripts and sending Douyin video URLs to Douyin and, for transcription, Alibaba Cloud. Use a virtual environment for dependencies, store DASHSCOPE_API_KEY as a secret, and provide only intended Douyin links.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs this on text in which a non-Douyin URL appears first, it may make an unintended web request to that URL.

Why it was flagged

The parser fetches the first HTTP(S) URL found in user-provided text without validating that it is a Douyin domain.

Skill content

urls = re.findall(..., share_text) ... share_url = urls[0] ... requests.get(share_url, headers=HEADERS, timeout=15)

Recommendation

Use only intended Douyin share links; maintainers should add explicit host validation for v.douyin.com and related Douyin domains.

What this means

Dependency updates or system-level installs could affect the local Python environment.

Why it was flagged

The user-directed setup installs unpinned packages from the Python package ecosystem and may modify the system or user Python environment.

Skill content

uv pip install --system requests dashscope ... || pip3 install --break-system-packages requests dashscope

Recommendation

Prefer running setup in a virtual environment and pin dependency versions where possible.

What this means

Transcription requests can use the user's Alibaba Cloud account quota or incur costs.

Why it was flagged

The transcription script uses the user's Alibaba Cloud Dashscope API key, which is expected for the stated ASR feature.

Skill content

api_key = os.environ.get("DASHSCOPE_API_KEY", "") ... dashscope.api_key = api_key

Recommendation

Store the key via the secrets mechanism, monitor usage, and rotate the key if it is exposed.

What this means

Alibaba Cloud receives the video URL for transcription, so private or sensitive video content should be treated carefully.

Why it was flagged

For transcription, the video URL is sent to Alibaba Cloud's ASR provider, matching the skill's disclosed purpose.

Skill content

Transcription.async_call(model=model, file_urls=[video_url], language_hints=['zh', 'en'])

Recommendation

Only transcribe videos you are comfortable sending to the ASR provider, and avoid using the skill for private or confidential content.