✓
Purpose & Capability
Declared binaries (yt-dlp, ffmpeg, python/whisper, node) and the douyin-download dependency are coherent with downloading, extracting audio, transcribing, and producing a derived Skill. The declared write path (~/.openclaw/workspace/skills/) also fits the stated goal of generating new skills.
!
Instruction Scope
Instructions explicitly download user-provided videos, transcribe them locally, analyze text, then generate and write a SKILL.md into ~/.openclaw/workspace/skills/<new-skill-name>/. Writing new skill files is within the described purpose but gives the skill the ability to create arbitrary skill manifests; the SKILL.md promises 'user confirmation' before creating the new skill, but that is an instruction the agent must follow — there is no technical enforcement here. The flow references /tmp/ and the workspace path (both declared), but also relies on an external skill 'douyin-download' whose behavior and permissions are not provided.
✓
Install Mechanism
This is an instruction-only skill with no install spec or downloaded code. That limits immediate disk-write/install risks. However, it calls external binaries (yt-dlp, ffmpeg, whisper) which must already be present and could themselves have installation risks unrelated to this skill.
✓
Credentials
The skill requests no environment variables or credentials. The lack of requested secrets is proportionate to its stated task.
!
Persistence & Privilege
The skill writes generated SKILL.md files into the agent's workspace skills directory. If the platform automatically loads skills from that directory (or if an operator later enables them), generated skills could introduce new capabilities, dependencies, or external network activity. Although always:false and the SKILL.md claims user confirmation is required, writing files into the skills path is a persistence action that increases blast radius and should be reviewed before allowing.
What to consider before installing
This skill mostly does what it claims (download a user-provided video, transcribe locally, analyze text, and produce a new Skill manifest), but it has two practical risks you should consider before installing:
1) Generated skill files: The skill will write SKILL.md files into ~/.openclaw/workspace/skills/. If your platform auto-loads or later enables skills in that directory, a generated skill could add capabilities (including network calls, installs, or credential use). Do not allow automatic loading of newly written skills; require manual review before enabling any generated SKILL.md.
2) Dependency/trust chain: The skill depends on external tools (yt-dlp, ffmpeg, Whisper, node) and another skill (douyin-download). Ensure those binaries and the referenced skill are from trusted sources. Note: 'whisper' is typically a Python package, not a standalone binary — check how it will be invoked.
Other practical points:
- Confirm the agent actually prompts for and requires explicit user approval before writing any new skill (the SKILL.md states this, but it is an instruction, not an enforced policy).
- Be aware of disk usage and privacy: downloads and local transcription can use significant disk/CPU and may contain copyrighted or sensitive content — only process content you are allowed to.
- If you accept, audit the generated SKILL.md files before enabling them and restrict write access to your skills directory if possible.
If you want, I can list specific checks to perform (e.g., verify yt-dlp/ffmpeg versions, inspect douyin-download skill code, or test the agent's confirmation prompt).
