Bilibili AI Video Prompt Analyzer
Security checks across malware telemetry and agentic risk
Overview
The skill’s scripts match its stated purpose of downloading a Bilibili video and extracting frames/subtitles, with only minor user-notice issues around external tools, local file writes, and possible playlist downloads.
Before installing, make sure you are comfortable running yt-dlp and ffmpeg locally, use a dedicated output folder, and check whether the Bilibili link is a single video or a playlist. Also ensure you have the right to download and reuse video, style, subtitle, or voiceover material.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Bilibili link could cause multiple videos to be downloaded and stored locally, using more disk space or bandwidth than expected.
The script intentionally invokes yt-dlp on a user-provided URL and enables playlist downloading, which is consistent with video acquisition but may download more content than a user expects if the URL resolves to a playlist.
yt-dlp ... --yes-playlist ... -o "$OUT_DIR/%(title)s.%(ext)s" "$URL"
Use a dedicated output directory, verify the URL before running, and remove or avoid playlist mode unless downloading a playlist is intended.
The skill will not work unless ffmpeg and yt-dlp are present, and unsafe installations of those external tools could affect the local environment.
The skill relies on external command-line tools. This is disclosed and purpose-aligned, but the registry metadata says there are no required binaries, so users should notice and install these tools from trusted sources.
Requirements - `ffmpeg` installed ... - `yt-dlp` installed ...
Install ffmpeg and yt-dlp only from trusted package managers or official sources, and keep them updated.