Media Orchestrator
v0.1.1
Unified skill for resolving, downloading, and delivering media (audio/video) to chat platforms. Integrates yt-dlp for resolution and handles Spotify metadata sync.
by Sieer Shafi Lone (@sieershafilone)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
Name/description (resolve, download, deliver media) aligns with the script's behavior: it invokes yt-dlp, writes downloads to workspace, and calls the OpenClaw 'message' CLI to send files. However the skill hardcodes a specific user workspace path (/home/ky11rie/.openclaw/workspace) and expects/executes another skill's script (spotify_surface) in that path — that is unusual and not justified in the manifest. The manifest lists exec and filesystem read/write permissions which are consistent, but cross-skill execution is a design choice that should be explicit.
Instruction Scope
SKILL.md and orchestrator.py instruct the agent to: run yt-dlp (python -m yt_dlp) to download media into the workspace, call a spotify_surface script via subprocess for Spotify requests, and call an 'openclaw message send' CLI to deliver files. These instructions read/write workspace files and execute other skill scripts. The SKILL.md explicitly mentions 'Zero-Auth scraping' for Spotify metadata — that implies scraping behavior that may access external endpoints and bypass official APIs. The script does not attempt to read arbitrary host files, but executing another skill's script and writing persistent JSON contracts in workspace increases scope beyond a simple downloader.
Install Mechanism
This is instruction-plus-code with no install spec. The script assumes availability of python3, yt-dlp (python module), and possibly ffmpeg/ffprobe; none are declared for installation. Not providing an install mechanism is lower risk for arbitrary network fetches, but it also makes runtime failures likely or hides implicit dependency requirements. No external downloads are executed by the skill itself, which reduces immediate install risk.
Credentials
The manifest declares exec and filesystem permissions but no environment variables or credentials. The script executes another skill (spotify_surface.py) that may rely on credentials or perform scraping, yet those requirements are not declared. The lack of declared dependencies/credentials while executing cross-skill code is disproportionate: the orchestrator can trigger code that might access secrets or external services without making those needs explicit.
Persistence & Privilege
always:false (no forced global inclusion). The skill writes/downloads into the workspace and persists Spotify JSON contracts there; that is expected for its purpose. It does not modify other skills' configuration or request permanent presence. The main privilege concern is the ability to execute other skill scripts in the shared workspace, which can increase blast radius but is not itself set as a persistent or always-enabled capability.
What to consider before installing
Key things to consider before installing:
- The skill will execute yt-dlp (python -m yt_dlp) and optionally ffmpeg; these dependencies are not declared or installed by the skill. Ensure your environment has safe, vetted versions of yt-dlp and ffmpeg, and consider running in a sandbox.
- The orchestrator hardcodes /home/ky11rie/.openclaw/workspace and calls another skill's script at workspace/skills/spotify-surface/scripts/spotify_surface.py. That means it expects and will execute code from other skills in the shared workspace — review spotify_surface.py (and any other referenced scripts) before enabling this skill.
- The SKILL.md mentions 'Zero-Auth scraping' for Spotify metadata. Scraping can bypass APIs and may fetch data from third-party sites; check spotify_surface.py for network endpoints, credential usage, and compliance with service terms.
- The script invokes the host CLI 'openclaw message send' to deliver files. Confirm that the message tool behaves as you expect and that the skill cannot send arbitrary filesystem files beyond its intended downloads.
- Because the skill has exec + filesystem permissions and runs subprocesses, prefer installing only if you trust the source or after auditing the included scripts (spotify_surface and any invoked binaries). If you cannot review them, run the skill in an isolated environment with restricted filesystem/network access.
- If you want to proceed but reduce risk: require the skill to declare/install yt-dlp/ffmpeg, remove hardcoded user paths (use workspace variable injection), and explicitly document the spotify_surface dependency and any credentials it needs.
