Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Bee Full-Pipeline Video Automation
v1.0.0 Full-pipeline video automation: download → capture cover frame → upload to OSS → distribute to multiple platforms via Yixiaoer (蚁小二) → record in a Feishu Bitable. Send one video link and the whole pipeline runs end to end.
by @jerryxn
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description match the code: downloading videos, extracting covers, uploading to OSS, calling a third-party publish tool, and recording to Feishu. However, the script uses yt-dlp and the Python oss2 library (for download and OSS upload) but the skill metadata only declares ffmpeg and ffprobe. The script also expects an external 'yixiaoer-pro' script at a filesystem path outside the skill bundle, which is not included or documented — this is disproportionate to the stated single-file automation purpose.
Instruction Scope
SKILL.md instructs the agent to run the included script, which is expected, but the runtime instructions and code reference additional resources not declared in the skill (yt-dlp binary, Python oss2 package, and a cookies file at a parent-level path). The script also emits an instruction for the agent to invoke an external feishu_bitable_create_record tool. Reading or using cookie files and invoking an external script located outside the skill expands the scope beyond what the description/metadata claim.
Install Mechanism
There is no install spec (instruction-only), which lowers install-time risk, but the runtime requires third-party tools and libraries that are not declared: the code calls 'yt-dlp' and imports 'oss2' (Python SDK) but neither is listed in required binaries/dependencies. This mismatch may cause runtime failures or hide additional implicit requirements that the user must install manually.
Credentials
The declared required env vars are for Alibaba OSS (OSS_ACCESS_KEY_ID, OSS_ACCESS_KEY_SECRET, OSS_BUCKET_NAME, OSS_ENDPOINT), which are appropriate for upload. However, the code contains a hardcoded Feishu app token and table ID (BITABLE_APP_TOKEN, BITABLE_TABLE_ID) baked into the script — a credential-like value embedded in code rather than declared or documented — and the code will look for a cookies file at a parent directory path if present. The skill also optionally uses YIXIAOER_TOKEN and YIXIAOER_BASE_URL for publishing, but the main metadata did not list YIXIAOER_TOKEN as required; overall, credential handling is inconsistent and partially opaque.
Persistence & Privilege
The skill does not request always:true or any elevated persistent privileges. It writes to a local 'workspace' directory (creates workspace in the repo parent), which is normal for transient workflows. It does not modify other skills' configurations. The agent-invocation defaults are normal.
Scan Findings in Context
[hardcoded-feishu-token] unexpected: The script embeds BITABLE_APP_TOKEN and BITABLE_TABLE_ID directly in code. A Feishu app token is credential-like and should normally be supplied by the user via env/config rather than hardcoded.
[undeclared-dependency-yt-dlp] unexpected: The download step invokes the 'yt-dlp' binary but the skill metadata only lists ffmpeg and ffprobe as required binaries. This is an undeclared runtime dependency.
[undeclared-dependency-oss2] unexpected: The code imports the 'oss2' Python library for uploads; there is no install spec or mention of this dependency in SKILL.md. The runtime environment must install this package for OSS uploads to work.
[external-script-path] unexpected: The script expects an external helper at a path outside the skill (yixiaoer-pro/scripts/upload_and_publish.py). That file is not bundled and not documented, so the publishing step cannot run as-is and the path indicates dependence on external code.
What to consider before installing
This skill's high-level goal matches its code, but there are several red flags you should address before using it:
- Do not supply your OSS credentials until you are comfortable: the script will upload files to OSS using the OSS_ACCESS_KEY_ID/SECRET you provide; grant only an account with minimal upload permissions.
- Confirm and remove/replace the hardcoded Feishu app token if it isn't yours. A token in code may leak access or cause records to be written to someone else's table.
- Ensure required runtime dependencies are present: install yt-dlp and the Python oss2 package, or update the skill metadata to declare them. Without them the skill will fail or behave unexpectedly.
- The publish step relies on an external script at '../yixiaoer-pro/scripts/upload_and_publish.py' which is not included; inspect that script (or provide your own) before enabling publishing. If you don't have that script, publishing will be skipped but the skill will log that it tried.
- The code will look for a cookies file at a parent-level path; make sure there are no sensitive cookies there you don't want read. Consider running the skill in an isolated environment or container.
If you can't verify or fix the above (especially the hardcoded Feishu token and the missing external script), treat this skill as untrusted and avoid giving it your real OSS credentials. If you decide to proceed, run it in a sandbox, review and replace the embedded credentials, and add explicit dependency documentation (yt-dlp, oss2).
Version: latest (vk974vjpnhe2z72sw78ct99684s84bf4p)
Runtime requirements
🐝 Clawdis
Bins: ffmpeg, ffprobe
Env: OSS_ACCESS_KEY_ID, OSS_ACCESS_KEY_SECRET, OSS_BUCKET_NAME, OSS_ENDPOINT
