ClawHub

Video Extractor Pro

v1.0.2

Extract key frames or clips from videos for content analysis, review, or素材 collection with single, batch, or scene-based options.

1· 245·2 current·2 all-time
by@sxliuyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (frame/clip extraction) aligns with the included script and _meta.json. The code implements frame extraction, interval extraction, clip extraction/re-encode, GIF creation and info using ffmpeg/ffprobe as expected. No unrelated capabilities or credentials are requested.
Instruction Scope
SKILL.md is narrowly scoped (features and trigger words) and the script only reads user-supplied video paths and writes outputs. There are no instructions to read unrelated files, environment variables, system configs, or to send data externally. The script executes ffmpeg/ffprobe subprocesses (expected for this task).
Install Mechanism
No install spec is provided (instruction-only), and the only external dependency is ffmpeg/ffprobe declared in _meta.json. Nothing is downloaded or written by an installer—low install risk. The agent environment must already have ffmpeg/ffprobe available.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate for a local video-processing tool.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It does not request persistent elevated privileges.
Assessment
This skill appears coherent with its stated purpose. Before installing, consider: (1) ffmpeg/ffprobe must be installed in the agent environment (the script invokes them via subprocess); (2) ffmpeg has had security vulnerabilities in the past—process untrusted or user-uploaded media in a sandboxed environment and keep ffmpeg up to date; (3) the script executes ffmpeg with argument lists (not via a shell), reducing shell-injection risk, but you should still validate file paths you pass to it and avoid giving it arbitrary system paths; (4) no network exfiltration or secret access is requested by the skill, so typical concerns are limited to local resource use and the safety of processed media files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bv92ab3fkscpck3ythr3jk5830b3r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments