Security audit

bilibiliextractor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: extract Bilibili video text and summarize it, with some privacy and hardening cautions.

Install only if you are comfortable letting the agent run the included Python script, access a SiliconFlow API key from the OpenClaw environment, and send selected video audio to SiliconFlow when captions are unavailable. Prefer BV IDs or normal Bilibili links, and avoid using it for private or sensitive videos.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tainted flow: 'sub_url' from requests.get (line 48, network input) → requests.get (network output)

Severity: Medium
Category: Data Flow
Content:

    if not sub_url.startswith('http'):
        sub_url = 'https:' + sub_url

    sub_response = requests.get(sub_url, headers=BILI_HEADERS)
    sub_data = sub_response.json()

    full_text = " ".join([item['content'] for item in sub_data['body']])

Confidence: 90%
Finding: sub_response = requests.get(sub_url, headers=BILI_HEADERS)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: When subtitles are unavailable, the skill silently uploads downloaded audio to a third-party ASR provider. This can disclose copyrighted, private, or sensitive spoken content to an external processor without explicit user awareness or consent, which is a real privacy and compliance risk in agent environments.

VirusTotal

60/60 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.