ClawHub

bee

v1.2.0

抖音视频一键工作流:下载无水印视频 → 上传阿里云OSS → 写入飞书多维表格。支持各种抖音链接格式,智能提取标题和话题标签。

0· 155·0 current·0 all-time
by@jerryxn
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description require downloading videos, uploading to Aliyun OSS, and writing to Feishu — the skill requires node/python3/curl and the expected Aliyun/Feishu environment variables. The requested binaries and env vars line up with the stated functionality.
Instruction Scope
SKILL.md and scripts/douyin-workflow.sh limit actions to parsing a Douyin link, invoking the douyin-download and aliyun-oss-upload helper scripts, uploading to OSS, and calling Feishu APIs. The script only reads the declared env vars and local filesystem (download dir, temp files). It does execute other skill files (douyin-download and aliyun-oss-upload) by path — this is expected but means those dependent skills will run with the same environment.
Install Mechanism
No install spec; this is an instruction-only skill with a shell script. No remote downloads or archive extraction are present in the bundle.
Credentials
Required env vars are limited to Aliyun OSS and Feishu credentials needed for the described integrations. Optional vars (app token, wiki token, table ID, download dir, prefix) are reasonable for feature flags. No unrelated credentials or secrets are requested.
Persistence & Privilege
always is false, the skill does not request permanent platform presence or modify other skills/config; it only invokes other local skill files and remote service APIs as part of the workflow.
Assessment
This skill appears coherent, but it executes two helper skills by path (douyin-download and aliyun-oss-upload). Before installing or running: (1) verify those dependent skills come from trusted sources and review their code because they will run with your environment (including the same credentials); (2) scope Aliyun and Feishu credentials to least privilege (use an OSS bucket with appropriate policy and a Feishu app with only needed bitable/wiki scopes); (3) run first in an isolated/test environment and confirm downloaded files and uploads behave as expected. If you cannot verify the dependent skills, treat execution as higher risk.

Like a lobster shell, security has layers — review code before you run it.

automationvk9734qp3skqmpb5tcbkr9wcmqd83nfq2beevk9734qp3skqmpb5tcbkr9wcmqd83nfq2douyinvk9734qp3skqmpb5tcbkr9wcmqd83nfq2latestvk970sz4hh2ephnvbwzspgehq7584bm9mossvk9734qp3skqmpb5tcbkr9wcmqd83nfq2videovk9734qp3skqmpb5tcbkr9wcmqd83nfq2workflowvk9734qp3skqmpb5tcbkr9wcmqd83nfq2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎬 Clawdis
Binsnode, python3, curl
EnvALIYUN_OSS_ACCESS_KEY_ID, ALIYUN_OSS_ACCESS_KEY_SECRET, ALIYUN_OSS_ENDPOINT, ALIYUN_OSS_BUCKET, FEISHU_APP_ID, FEISHU_APP_SECRET

Comments