biliup-skills
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill does what its description says: it uploads videos to Bilibili. To do so, however, it requires package installations that you must trust, and it stores a Bilibili login token locally.
Use this only if you are comfortable letting the agent install biliup/qrcode packages and upload to your Bilibili account. Keep cookies.json private, avoid committing it to git, verify the PyPI/GitHub package before first use, and review the final video metadata before posting.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the provided details, the agent may submit a video to Bilibili on the user's behalf.
The skill can run a CLI command that uploads and publishes a video to the user's Bilibili account. This matches the skill purpose, but it is an account-affecting action.
biliup -u {workspace}/cookies.json upload \
--title "视频标题" \
--tid 21 \
--tag "标签1,标签2" \
/path/to/video.mp4
Confirm the exact video file, title, tags, category, copyright/source fields, and target account before allowing the upload command to run.
Anyone who obtains cookies.json may be able to act on the user's Bilibili account through biliup.
The workflow stores a Bilibili access token locally and uses it to upload to the user's account. This is expected for the integration and is disclosed, but it is sensitive account authority.
After `biliup login` completes, a `cookies.json` file is generated in the working directory; it stores the **user's own Bilibili login credential (access_token)**
Use a trusted workspace, add cookies.json to .gitignore, do not share it, and delete or rotate the credential if it may have been exposed.
A compromised or changed dependency could affect the local environment or the account workflow.
The setup script installs biliup from PyPI without a pinned version or lockfile. This is normal for a CLI integration but leaves users dependent on the current PyPI package and its dependencies.
pipx install biliup ... pip3 install --user biliup
Verify the biliup package source before first use, consider pinning a known-good version, and install in an isolated environment such as pipx.
Running the helper may modify the user's Python environment by installing additional packages.
The login helper automatically installs the qrcode[pil] dependency if missing. This is disclosed by the script's dependency note and supports QR generation, but it is another unpinned package install.
import subprocess
import sys

# Installs the QR-code dependency with the same interpreter that runs the helper;
# the package is not pinned, so whatever PyPI currently serves is installed.
subprocess.run(
    [sys.executable, "-m", "pip", "install", "-q", "qrcode[pil]"],
    check=True,
)
Install dependencies in an isolated environment and pin versions if reproducibility or supply-chain control is important.
A user may place more trust in the uploader than intended if they read it as an official Bilibili tool.
The artifact uses both official-sounding wording and community-maintained wording for the uploader. This does not show malicious behavior, but provenance clarity matters because the tool handles login tokens.
Use the command-line tool biliup (the official Python CLI, not biliup-rs)... Notes ... biliup is a community-maintained Bilibili upload tool
Verify the biliup project and package provenance independently before using it with an account token.
