Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Video Prompt Reverse
v1.0.1视频提示词反推工具链。通过下载短视频 → 提取关键帧 → 批量上传豆包(PC)分析 → 输出结构化镜头语言提示词的全流程自动化。当用户提到"反推视频提示词"、"分析视频镜头语言"、"把视频转成AI绘图提示词"、"逆向视频分镜"时使用此技能。
⭐ 0· 44·0 current·0 all-time
by@tobemsk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (reverse-engineer video into AI drawing prompts) align with included artifacts: yt-dlp/ffmpeg usage in SKILL.md, frame extraction instructions, Python scripts to connect to browser DevTools and automate uploads to 豆包 (doubao) and extract textual analysis.
Instruction Scope
Runtime instructions and scripts instruct the agent/user to open Edge with --remote-debugging-port and connect to the DevTools WebSocket to execute arbitrary JS (CdpClient.execute). The code clicks buttons, searches the DOM, and reads innerText from multiple selectors (returns up to 500 chars) — i.e., it can read content from any targeted tab. get_doubao_tab_id will return the first tab if a 'doubao' tab isn't found, meaning the script can accidentally target other open pages. The tool also automates uploading local files via the browser UI. These actions are broader than simple frame processing and could access unrelated page content or interact with other web sessions if mis-targeted.
Install Mechanism
There is no install spec for the skill (instruction-only) which is low-risk. SKILL.md instructs running 'pip install -U yt-dlp' and requires ffmpeg on PATH — these are expected for video download/frame extraction and are not inherently suspicious. No remote arbitrary binary downloads or obscure URLs are present.
Credentials
The skill requests no environment variables, but its operation requires: opening Edge/Chrome with remote debugging (exposes the browser via localhost WS), access to the user's browser session (cookies/logged-in state) when using the web UI, and reading files from the local frames directory. The docs also suggest using yt-dlp's cookie-import and an optional '--no-check-certificates' flag (insecure). These capabilities are powerful relative to the simple stated goal and could expose account/session data if misused or targeted at the wrong tab.
Persistence & Privilege
The skill is not always-enabled, does not request persistent platform privileges, and contains no code that modifies other skills or global agent configuration. Autonomous invocation is allowed by default but is not combined with any elevated 'always' privilege here.
What to consider before installing
Before installing or running this skill: 1) Review and understand the two included Python scripts (cdp_client.py and doubao_cdp.py); they will connect to your browser's DevTools and execute arbitrary JavaScript on open tabs. 2) Only run the tool with Edge/Chrome launched specifically for this purpose (use a dedicated browser profile or a fresh browser instance launched with --remote-debugging-port=9222) and close any sensitive tabs to avoid accidental access. 3) Provide an explicit Tab ID when possible instead of relying on automatic discovery (the code falls back to the first tab if 'doubao' isn't found). 4) Do not use '--no-check-certificates' unless you understand the implications; avoid importing browser cookies if you don't want the tool to use your logged-in sessions. 5) Inspect any frames for personal data before uploading, and prefer manual upload to the analysis service if you have sensitive content. 6) If you need higher assurance, run the scripts in an isolated VM/container or on a throwaway browser profile and consider asking the author to remove the 'use first tab' fallback and add stricter tab validation. Additional info that would reduce concern: explicit enforcement in code that only targets URLs/hosts under doubao, removal of the fallback to the first tab, or documentation proving the doubao service and scripts are maintained by a trustworthy party.Like a lobster shell, security has layers — review code before you run it.
latestvk97f72dafvwrpmw8zypanp99m984pzzg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.