Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Video Transcriber

v1.0.0

Video transcription workflow supporting Bilibili and YouTube videos. It automatically detects whether a video has subtitles: if it does, it fetches them; if not, it downloads the audio and transcribes it with whisper. Trigger scenarios: (1) the user asks for a summary of a video's content; (2) the user asks for a video's subtitles; (3) the user asks to transcribe a video; (4) processing Bilibili/YouTube videos.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's description (Bilibili/YouTube transcription) matches the instructions, but the registry metadata declares no required binaries or env vars while the SKILL.md clearly requires python3 (a local get_transcript.py), yt-dlp, jq, ffmpeg, whisper-cpp, and a model file (ggml-tiny.bin). That mismatch (nothing declared vs. many required tools) is incoherent and worth flagging.
Instruction Scope
The runtime instructions tell the agent to execute a specific Python script at ~/.openclaw/extensions/bilibili-youtube-watcher/scripts/get_transcript.py and to run shell commands that download audio, transcode it, and invoke whisper-cpp. Running a script from a user-home extensions path and executing external CLI tools is expected for this task, but it is risky if the script or the installed binaries are untrusted: the SKILL.md gives no provenance for that script or for the model file. It does not instruct exfiltration to unrelated endpoints, but it does reference an external Feishu doc for subtitles.
Install Mechanism
There is no install spec (instruction-only), which minimizes what the skill writes to disk, but also leaves all installation and trust decisions to the user. The SKILL.md expects third-party binaries and a model file to already be present; it gives no secure download sources or verification steps for those artifacts (e.g., where to get ggml-tiny.bin or whisper-cpp). That gap increases operational risk if users fetch these components from untrusted locations.
Credentials
The skill requests no environment variables, credentials, or config paths in the registry metadata. The instructions do reference a path under the user's home (~/.openclaw/extensions) and will read/write local audio/transcript files, which is consistent with a local transcription workflow and does not require additional secrets.
Persistence & Privilege
The skill's always flag is false and the skill is user-invocable; it does not request permanent platform presence or modify other skills' configs. It simply assumes pre-existing local tooling and files.
What to consider before installing
Before installing or using this skill:
(1) Verify that the Python script (~/.openclaw/extensions/...) and the extension it belongs to come from a trusted source, and inspect the code before executing it.
(2) Ensure yt-dlp, ffmpeg, jq, whisper-cpp and the ggml-tiny.bin model are installed from official/trustworthy releases, and verify checksums where possible.
(3) Be aware that the skill downloads video audio to the local working directory and runs local binaries. No network exfiltration is specified, but get_transcript.py may access the network, so inspect it.
(4) If you need a packaged/safer setup, ask the author for an install spec or sources for the required tools and model so you can vet them before running.
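The checks above can be scripted. The following POSIX shell preflight is an added example, not code from the ClawHub page or from the skill itself: it confirms the tools the SKILL.md relies on are present, verifies the model file against a pinned SHA-256, and flags imports and calls in the extension script that reach the network or spawn processes so you know which lines to read first. The expected digest, the file paths and the list of flagged imports are assumptions; take the digest from the whisper.cpp release you actually obtain the model from.

```shell
#!/bin/sh
# Added example (not part of the ClawHub page or the skill): preflight checks
# to run before letting the Video Transcriber skill execute anything.
#
# Usage:  sh preflight.sh <get_transcript.py> <ggml-tiny.bin> <expected_sha256>

# Imports and calls worth reading before running a script that the SKILL.md
# gives no provenance for. Assumed list; extend it for your environment.
NET_PATTERN='^[[:space:]]*(import|from)[[:space:]]+(socket|urllib|requests|http|httpx|aiohttp|subprocess|os)([^A-Za-z0-9_]|$)|urlopen\(|subprocess\.|requests\.(get|post)\('

sha256_of() {
  # Portable SHA-256: GNU coreutils on Linux, shasum on macOS.
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# (2) Every tool named as an argument must be on PATH. Returns 0 only if all are.
check_tools() {
  missing=""
  for t in "$@"; do
    command -v "$t" >/dev/null 2>&1 || missing="$missing $t"
  done
  if [ -n "$missing" ]; then
    echo "missing tools:$missing" >&2
    return 1
  fi
  return 0
}

# (2) Compare the model file against a digest you pinned from the release you
# downloaded it from. Returns 0 on match, 1 on mismatch or missing file.
verify_model() {
  file="$1"; expected="$2"
  [ -f "$file" ] || { echo "model not found: $file" >&2; return 1; }
  actual=$(sha256_of "$file")
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch for $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
  fi
  return 0
}

# (1)/(3) List the lines of the extension script that can touch the network or
# spawn processes. Returns 0 if nothing was flagged, 1 if there is code to read.
scan_script() {
  [ -f "$1" ] || { echo "script not found: $1" >&2; return 1; }
  if grep -nE "$NET_PATTERN" "$1"; then
    echo "review the lines above in $1 before running it" >&2
    return 1
  fi
  return 0
}

# Run all checks; any failure makes the whole preflight fail.
preflight() {
  script="$1"; model="$2"; expected="$3"
  rc=0
  check_tools python3 yt-dlp jq ffmpeg whisper-cpp || rc=1
  verify_model "$model" "$expected" || rc=1
  scan_script "$script" || rc=1
  if [ "$rc" -eq 0 ]; then echo "preflight OK"; fi
  return $rc
}

# Only run when invoked with the three arguments described above.
if [ "$#" -eq 3 ]; then
  preflight "$1" "$2" "$3"
  exit $?
fi
```

A flagged line is not a verdict: get_transcript.py has to call yt-dlp and probably fetch subtitles, so subprocess and HTTP imports are expected. The point is to read those specific lines and confirm they only talk to the video sites and the Feishu doc the SKILL.md mentions.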


Latest version ID: vk97dypa9kawavmcm9hdcar0pah82x06w
