Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
video-download-transcribe
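v2.3.0 Multi-platform video download + local transcription + video content analysis. **Trigger phrases**: what does this video say, what is this video about, watch this video for me, download this video, video transcription, subtitle extraction, Bilibili video, Douyin video, bilibili, youtube video, transcribe this for me **Supported platforms**: Bilibili/Douyin/TikTok/YouTube/Xiaohongshu/Weibo/Kuaishou **Download**: y...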
⭐ 1 · 118 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description promise local multi-platform download + transcription using yt-dlp/Whisper. Registry metadata requests only ffmpeg and yt-dlp, which is coherent, but bundled code (server.py) also contains support for cloud STT (SILICONFLOW), image understanding (MINIMAX), and a third‑party Douyin parser defaulting to https://liuxingw.com — capabilities not declared in SKILL.md or metadata.
Instruction Scope
SKILL.md instructs use via mcporter MCP calls and emphasizes local Whisper/fallbacks. The runtime code, however, performs network calls to multiple external APIs, can invoke a browser via Playwright (subprocess-invoked embedded Python), and may send video/metadata to third-party services. SKILL.md does not fully disclose these external network interactions.
Install Mechanism
There is no formal install spec in registry metadata, but a provided setup.sh will create a virtualenv, pip-install dependencies (including openai/openai-whisper/playwright), install browsers, and write mcporter configuration. The install is manual (script), not a registry install hook — but it writes files and installs packages on the host.
Credentials
Registry lists no required env vars, and SKILL.md only documents TRANSCRIPTS_DIR, DURATION_THRESHOLD, WHISPER_MODEL, TIKHUB_API_KEY. The code expects additional secrets (SILICONFLOW_API_KEY, MINIMAX_API_KEY, DOUYIN_THIRD_PARTY_API) that are not declared. Default THIRD_PARTY_API points to an external service (liuxingw.com), which could receive data if used. This is a mismatch and a potential exfiltration vector.
Persistence & Privilege
setup.sh adds an entry into the user's mcporter.json to register an MCP server, modifying agent configuration outside the skill's own files. While not 'always:true', this installer-modifies-agent-config behavior is noteworthy and should be allowed only with user awareness. server.py also contains hardcoded absolute paths (/Users/kk/...) which indicate residual developer configuration and may change runtime behavior if those paths exist.
What to consider before installing
This skill appears to do what it says (download and transcribe videos) but includes surprising and undeclared behaviors. Before installing or running it:
1) Review server.py and setup.sh carefully (look for the external endpoints: SILICONFLOW_BASE_URL, MINIMAX_BASE_URL, and THIRD_PARTY_API default https://liuxingw.com).
2) Do not run setup.sh on a production machine — run it in an isolated VM or container to see what it installs and what network calls it makes.
3) If you only want local transcription, disable or remove cloud paths in server.py (SILICONFLOW/MINIMAX calls) and set THIRD_PARTY_API to a trusted service or null.
4) Be cautious about allowing the script to write mcporter.json (it modifies agent config).
5) Provide API keys only for services you trust and understand; if you don't intend to use cloud STT or third-party parsers, ensure those code paths are disabled.
If you want, I can point out the exact lines in server.py that contact external endpoints and where to remove or sandbox them.
Like a lobster shell, security has layers — review code before you run it.
latest vk97b18zqzfc53b6h75jy33dh3h846fr9
Runtime requirements
🎬 Clawdis
Bins: ffmpeg, yt-dlp
