ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

purevocals-uvr-automator

v1.0.5

当用户想要**一键批量从音频文件中提取超干净纯人声(干声 / Vocals Only)**、去除伴奏/背景音乐时,自动调用此技能。 一键音频人声分离工具。专门从音频文件(.mp3/.wav/.flac等)中提取超干净干声(Acapella)或去除背景音制作伴奏。 核心用途:支持单个音频文件或整个文件夹批量处理(....

0· 240·0 current·0 all-time
by顶尖王牌程序员@wangminrui2022

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for wangminrui2022/purevocals-uvr-automator.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "purevocals-uvr-automator" (wangminrui2022/purevocals-uvr-automator) from ClawHub.
Skill page: https://clawhub.ai/wangminrui2022/purevocals-uvr-automator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install purevocals-uvr-automator

ClawHub CLI

Package manager switcher

npx clawhub@latest install purevocals-uvr-automator
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
技能名/描述与代码主逻辑(调用 audio-separator、检测 GPU、下载模型、批量处理音频)一致。但 ensure_package.fix_setuptools() 在模块导入时立即调用,会在当前 Python 解释器环境中强制安装/降级 setuptools 和 wheel —— 这一行为与“只是运行本地音频分离”不可预期,且会修改宿主环境。VENV_DIR 指向技能目录之外的路径(可能是共享 venv),这也没有在文档中充分说明。
!
Instruction Scope
SKILL.md 指示以 python scripts/purevocals.py 启动,文档说明了模型下载和 venv 管理,但未明确说明代码会在首次导入时修改当前 Python 环境(立即执行 pip install/setuptools 强制重装)、会自动下载外部二进制(ffmpeg)并从网络拉取大模型文件。这些 side-effect 在文档中没有明确提示或征得用户同意。
!
Install Mechanism
技能没有平台 install spec,但代码在运行时通过 pip 安装/升级多个包(包括对 PyTorch 的大型 wheel 下载、audio-separator、ffmpeg-downloader 等),并自动从外部源下载 ffmpeg 与模型文件。运行时从网络下载安装与解包会写入磁盘并执行二进制/大型包,属于较高风险操作且没有在 SKILL.md 中充分警告。
Credentials
技能不要求任何秘密或外部凭证(没有 env var 要求),这与用途相符. 然而,代码会尝试访问系统工具(nvidia-smi)、修改 Python 包(在导入时降级 setuptools)并在技能外部路径创建/使用虚拟环境与 models/logs 目录。这些资源访问没有在文档中明确解释,可能影响其他 Python 项目或技能。
Persistence & Privilege
always:false (正常)。但脚本会在磁盘上长期写入模型、日志与虚拟环境,且可能创建一个位于技能上级的共享 venv,从而产生持久改变。没有修改其他技能配置的代码,但全局 pip 更改(setuptools 重装)和共享 venv 是持久且有潜在影响的权限级别。
What to consider before installing
What to consider before installing/using this skill: - Legitimate purpose but surprising side effects: the code does implement vocal extraction, GPU detection and model downloads, but it also runs pip at runtime and (on import) force-reinstalls setuptools/wheel in the current Python, which can modify your system or other projects unexpectedly. - Network downloads & large files: it will download ffmpeg and ML models (hundreds of MB to GB) from external URLs and PyTorch wheels from pytorch.org. Expect big network/ disk usage and possible firewalls/slowdowns. - Persistent artifacts: models/, logs/, and a venv directory (VENV_DIR) are created on disk. VENV_DIR appears to be outside the skill folder and may be shared — check its path before running. - Privileged operations: the script invokes subprocesses (pip, nvidia-smi, ffmpeg-downloader, audio-separator CLI) and may run long installs and re-launch itself inside a created venv. Practical recommendations: - If you want to try it, run it first in a sandboxed environment: a disposable VM, container, or an isolated user account where side effects are acceptable. - Inspect and/or modify the code before running: move the setuptools fix/any pip installs into an explicit, documented setup step (not at module import), or require user confirmation before modifying the global Python environment. - Prefer manual venv: change VENV_DIR to a skill-local venv (inside the skill folder) or let the user supply the venv path. Verify that package installs occur inside that venv, not the global interpreter. - Monitor network and disk: be ready for large downloads and ensure you have sufficient storage and bandwidth. Consider pre-downloading models to models/ and set offline usage. - If you need higher assurance: ask the author for a version that avoids global pip calls at import time and documents all external downloads and paths it will write to. Confidence note: medium — the code clearly performs the operations described, but some behaviors (top-level pip/setuptools change, shared venv location) may be legitimate design choices for convenience; they are nonetheless risky and under-documented.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython
latestvk97ctpawrpcw9tbznb2sxpmq0d85661w
240downloads
0stars
6versions
Updated 1w ago
v1.0.5
MIT-0
顶尖王牌程序员@wangminrui2022
latest
Download

PureVocals-UVR-Automator

功能概述:一键将带伴奏的音频文件批量转换为超干净的纯人声(Vocals Only)。专为翻唱、卡拉OK、音乐素材清洗等场景设计,输出质量高、速度快、操作零门槛。

支持的模型(推荐顺序)

  1. shibing624-chinese-kenlm-klm —— 默认推荐(速度最快 + 干净度最高,适合中文歌曲)
  2. 6_HP_Karaoke-UVR.pth —— 高质量卡拉OK 模式(你原来的常用设置)
  3. UVR-MDX-NET-Karaoke_2.onnx —— 极致速度,适合超大批量处理

执行步骤

  1. 输入解析:支持单个音频文件路径,或整个文件夹路径(会递归处理所有支持格式)。
  2. 输出位置:若未指定输出目录,默认在输入路径同级自动创建 [输入文件夹名]_vocals 文件夹,保持原文件夹结构不变。
  3. 启动命令(Agent 会自动选择优先级): 
    (python3 scripts/purevocals.py "<输入路径>" ["<输出目录>"] [--model <模型名>] [--window_size <数值>] [--aggression <数值>] [--chunk_duration <秒数>] [--sample_mode]) || (python scripts/purevocals.py "<输入路径>" ["<输出目录>"] [--model <模型名>] [--window_size <数值>] [--aggression <数值>] [--chunk_duration <秒数>] [--sample_mode])

Comments

Loading comments...