ClawHub

Upload audio to AIOZ Stream

v1.0.1

Quick upload audio to AIOZ Stream API. Create audio objects with default or custom encoding configurations, upload the file, complete the upload, then return the audio link to the user.

0· 1.2k·1 current·1 all-time
by@vinhbui3004
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, reference docs, and included scripts consistently implement an audio upload flow (create → upload part → complete) to the W3Stream/AIOZ API. Required binaries (curl, jq, md5sum) are appropriate for the described operations.
Instruction Scope
Runtime instructions and scripts stick to the upload flow and only access: the provided API keys (as headers), the local audio file path, and the network endpoints for the API. They do not reference unrelated files, system paths, or additional credentials.
Install Mechanism
No install spec is provided (instruction + scripts only). This is lower-risk: the skill doesn't download or install external code during installation. All bundled scripts are plain shell wrappers around curl/jq/md5sum.
Credentials
The skill requires API keys to operate (stream-public-key, stream-secret-key), but these are requested interactively in the instructions rather than declared as required environment variables. That is reasonable for a user-driven upload tool, but you should ensure you only supply valid keys and avoid storing long-lived secrets here if you don't trust the endpoint.
Persistence & Privilege
always:false (default) and scripts do not attempt to modify other skills or system-wide settings. The skill does not request permanent presence or elevated privileges.
Assessment
This skill appears to do exactly what it says: create an audio object and upload a local file to the specified API. Before using it: (1) confirm you trust the API endpoint (the host uses a nonstandard .cyou TLD—verify it with your provider if unsure); (2) only provide your stream-public-key and stream-secret-key when you trust the recipient, and avoid pasting long-lived secrets into untrusted interfaces; (3) the scripts will read the local file path you provide and call curl/jq/md5sum — ensure those binaries exist and you are uploading the intended file; (4) if you need stronger safety, run the included shell scripts locally yourself so you can inspect network requests and avoid sending credentials through an automated agent.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c1zj6brve98dppghzx52pgh80tpw0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎵 Clawdis
Binscurl, jq, md5sum

Comments