ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Funasr Asr

v2.0.0

本地中文语音识别,使用阿里达摩院 FunASR。触发场景:(1) 用户发送语音消息需转录,(2) 需要转录音频/视频文件,(3) 从网页下载视频并转录,(4) 中文语音转文字任务。支持小内存模式(~500MB)和大模型模式(~2GB),自动内存管理,任务队列防并行。

1· 172·0 current·0 all-time
by@ruitao

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ruitao/funasr-asr.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Funasr Asr" (ruitao/funasr-asr) from ClawHub.
Skill page: https://clawhub.ai/ruitao/funasr-asr
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install funasr-asr

ClawHub CLI

Package manager switcher

npx clawhub@latest install funasr-asr
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (local FunASR ASR) match the code and docs: Python scripts load FunASR models, transcribe audio, extract audio from video, and optionally download videos. Dependencies (funasr, onnxruntime, yt-dlp/ffmpeg) and model downloads are proportional to the stated purpose.
Instruction Scope
SKILL.md and code instruct running local Python scripts, installing Python packages, and optionally downloading videos via yt-dlp or requests. The scripts read predictable local paths (/tmp locks, ~/.cache/modelscope), inspect memory (/proc/meminfo or psutil), and do not attempt to read arbitrary unrelated system configuration or secrets. Note: processing a video URL will fetch external web content (user-supplied) and invoke yt-dlp/ffmpeg, which is expected for the feature.
Install Mechanism
No registry install spec was provided, but package.json runs scripts/install.sh which pip-installs funasr and onnxruntime. There are no downloads from untrusted shorteners or personal IP addresses; model acquisition is expected to occur via modelscope/ModelScope tooling or the funasr library. This is a standard pip-based install (traceable but subject to normal PyPI supply-chain risks).
Credentials
The skill declares no required environment variables or credentials. Documentation mentions optional MODELSCOPE_CACHE and common OS tools but does not require unrelated secrets. File reads/writes are limited to model cache and temporary working directories.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and only creates per-skill temporary files and locks under /tmp; it does not try to persist or escalate privileges beyond its own runtime files.
Assessment
This skill appears to be what it claims: a local FunASR-based transcriber. Before installing, consider the following: (1) it requires Python and pip and will install funasr and onnxruntime (PyPI packages) — standard but subject to supply-chain risks; (2) first run will download model files (~500MB to ~2GB) into your model cache (~~/.cache/modelscope/), so ensure disk and bandwidth; (3) video transcription will fetch arbitrary web URLs (yt-dlp/requests/ffmpeg) — avoid supplying internal/private URLs you don't want the runtime to contact; (4) scripts spawn subprocesses (ffmpeg, yt-dlp, python) and write temporary files under /tmp and a model cache — run in an environment with appropriate resource limits or isolation if you are concerned; (5) review or pin the exact Python packages you install if you need stronger supply-chain guarantees. If you want, ask for a list of the exact network endpoints used for model downloads or for an explanation of the expected files the skill will create and where (model cache, temp dirs, lock files).
index.js:36
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk9724x3gs1mdn2z1tkwmeghnn584gc75
172downloads
1stars
5versions
Updated 2w ago
v2.0.0
MIT-0
@ruitao
latest
Download

FunASR 本地语音识别

阿里达摩院开源 ASR,完全本地部署,内存优化版。

快速使用

命令行

# 默认 small 模式(SenseVoiceSmall, ~500MB)
python3 scripts/transcribe.py /path/to/audio.wav

# 大模型模式(Paraformer-Large, ~2GB,中文极高精度)
python3 scripts/transcribe.py /path/to/audio.wav --mode large

# 自定义分段时长(默认 600 秒 = 10 分钟)
python3 scripts/transcribe.py /path/to/audio.wav --segment 300

# JSON 输出
python3 scripts/transcribe.py /path/to/audio.wav --format json

# 转录视频文件
python3 scripts/video-transcribe.py --audio /path/to/video.mp4

Node.js 调用

const funasr = require('./index.js');

const text = await funasr.transcribe('/path/to/audio.wav', {
  mode: 'small',    // 'small' 或 'large'
  format: 'text'    // 'text' 或 'json'
});

核心优化(v2.0)

优化项旧方案新方案
进程模型每段新进程单进程,模型加载一次
默认模型paraformer (~2GB)SenseVoiceSmall (~500MB)
内存峰值~2GB × N 次~500MB 常驻
段间释放进程退出gc.collect()
任务锁✅ 保留

模式对比

特性small (默认)large
模型SenseVoiceSmallParaformer-Large
内存~500MB~2GB
语言中英日韩粤中文
精度极高
速度快 (~0.1 RTF)较慢 (~0.3 RTF)
适用场景日常转录专业中文场景

安装

# Python 依赖
pip install funasr onnxruntime psutil

# 视频处理(可选)
pip install yt-dlp
apt install ffmpeg

# 首次运行自动下载模型
# small: ~500MB | large: ~2GB

支持格式

  • 音频: WAV, MP3, FLAC, M4A(自动转 16kHz mono)
  • 视频: MP4, WebM, AVI, MOV

故障排查

问题解决
模型下载失败pip install modelscope && modelscope download --model iic/SenseVoiceSmall
内存不足 (OOM)--mode small --segment 300 减小分段
音频格式错误ffmpeg -i input.mp3 -ar 16000 -ac 1 output.wav
转录有奇怪标记脚本自动清理 `<

许可证

MIT License

Comments

Loading comments...