Podcastfy Openclaw Skill
v1.0.0Convert text, images, PDFs, websites, or YouTube videos into multilingual AI-generated podcast audio using Podcastfy's open-source Python toolkit.
⭐ 0· 67·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim converting multi-modal content to podcast audio using Podcastfy; SKILL.md only asks for installing the podcastfy PyPI package, FFmpeg, and API keys for LLM/TTS providers (OpenAI, Gemini, ElevenLabs) which are appropriate and expected for that functionality.
Instruction Scope
Instructions are limited to installing podcastfy/FFmpeg, creating a .env with LLM/TTS keys, and running podcastfy CLI or Python API on user-provided URLs/files. This correctly implies sending content to external LLM/TTS services; users should note that content and transcripts will be transmitted to whichever APIs are configured. The doc doesn't explicitly list any auxiliary downloader dependency (e.g., youtube-dl/pytube) though YouTube support is documented — this is likely handled by the package but worth confirming.
Install Mechanism
The registry entry is instruction-only (no install spec). SKILL.md recommends pip install podcastfy and installing FFmpeg via apt/brew — both are standard. Because installation happens at the user's side via pip, users should verify the PyPI package and repository before installing.
Credentials
The skill asks for API keys for LLM and TTS providers (GEMINI_API_KEY, OPENAI_API_KEY, optional ELEVENLABS_API_KEY). Those are directly relevant to generating transcripts and TTS; no unrelated credentials, config paths, or excessive env access are requested.
Persistence & Privilege
always is false and the skill is user-invocable only. The skill does not request persistent/always-on privileges or access to other skills' configs; it merely instructs running the Podcastfy CLI or Python API at runtime.
Assessment
This skill appears coherent with its purpose, but before installing or using it: 1) Verify the podcastfy PyPI package and GitHub repo (check maintainer, recent commits, issues) to reduce supply-chain risk. 2) Store API keys (Gemini/OpenAI/ElevenLabs) in a secure place and use least-privilege/separate keys; do not put them in shared folders or source control. 3) Be aware that content you provide (URLs, PDFs, video audio, images, patient/medical content) may be transmitted to third‑party LLM/TTS services — avoid uploading sensitive or PHI unless you have appropriate agreements and controls. 4) Run installs and the tool in an isolated environment (virtualenv, container) if you want to limit system impact. 5) Confirm how YouTube downloading/transcription is implemented (additional dependencies or network access may be required). 6) If privacy is a priority, test the --local option and audit what 'local' actually uses. If you want more assurance, review the repository source or run the package in a sandbox before supplying production or sensitive content.Like a lobster shell, security has layers — review code before you run it.
latestvk9717hyb4cng0mg4rmp43zjsj183hmpw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.