YouTube Video to Audio to Feishu

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill’s behavior largely matches its stated purpose, but it uses local command execution, Feishu account permissions, weak URL checking, and temporary file storage that users should understand before installing.

Before installing, make sure you trust the publisher, are comfortable running Python/yt-dlp locally, and understand that Feishu permissions allow cloud uploads and messages. Use real YouTube links only, and check the temp directory if you want downloaded MP3 files removed after use.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill will run local programs such as Python and yt-dlp on the user’s machine.

Why it was flagged

The skill launches a local Python process to perform the download workflow. This is expected for a yt-dlp based converter, but it means installing the skill allows local command execution.

Skill content

const child = execFile(PYTHON, [SCRIPT_PATH, ...args], {

Recommendation

Install only if you are comfortable with local execution and have a trusted, up-to-date yt-dlp/Python environment.

What this means

A malformed or misleading URL that merely contains the string "youtube.com" or "youtu.be" could be passed to yt-dlp instead of a real YouTube video URL.

Why it was flagged

The URL check is substring-based, so it is a weak enforcement of the documented 'Only download from YouTube' guardrail, even though the intended workflow is user-provided YouTube links.

Skill content

if (!url || !url.includes("youtube.com") && !url.includes("youtu.be"))

Recommendation

Use only trusted YouTube URLs, and the publisher should validate the hostname rather than using substring checks.

What this means

If authorized, the workflow can upload files to Feishu cloud storage and send messages to a Feishu user.

Why it was flagged

The skill requires Feishu Drive upload and message-send capabilities, which are account-affecting permissions but are aligned with the stated upload-and-send purpose.

Skill content

The following Feishu permissions are required:
- `feishu_drive_file` - cloud drive file upload
- `feishu_im_user_message` - send messages

Recommendation

Review Feishu authorization prompts carefully and grant only the Drive and IM permissions needed for this workflow.

What this means

The user may expect a completed Feishu upload, but the tool may only download the file and rely on additional agent/tool steps.

Why it was flagged

The active tool returns instructions for later Feishu upload/message steps instead of directly performing them, while the skill description presents the full upload/send flow as part of the tool behavior.

Skill content

"next_steps": [
    "1. Upload to Feishu cloud: feishu_drive_file (action=upload, file_path=<path>)",
    "2. Send to user: feishu_im_user_message (msg_type=file, content={'file_key': <token>})"

Recommendation

Confirm after use that the file was actually uploaded and sent, and the publisher should make the staged workflow explicit.