video-remix
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: video-remix
Version: 1.0.7
The skill bundle implements a comprehensive video processing pipeline including YouTube downloading, browser-based AI analysis, and local file sharing. It is classified as suspicious due to several high-risk capabilities: it instructs the agent to perform system-level package installations (e.g., `sudo apt install` in `SKILL.md`), utilizes browser automation to scrape content from Gemini, and launches a local HTTP server (`scripts/gemini_first_remix.py`) to expose the workspace to the local network. While these behaviors are aligned with the stated goal of automated video editing and sharing, the combination of shell execution, remote content fetching, and network service hosting creates a significant attack surface.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may act through a browser session associated with the user and send the YouTube URL/prompt to Gemini without a separate, explicit credential approval step.
The skill instructs the agent to open Gemini using a named browser profile, which may use an existing Google/Gemini session. The supplied metadata declares no primary credential or required credential boundary.
browser(action="start", profile="openclaw") ... browser(action="navigate", url="https://gemini.google.com/")
Declare Gemini/Google account usage in metadata and SKILL.md, require user confirmation before browser-profile use, and document which profile/account is used and what data is sent.
A user who simply provides a YouTube URL may trigger browser automation and third-party processing sooner than expected.
The workflow tells the agent to immediately and mandatorily use browser automation once a URL is provided, reducing user control over an external-service action.
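**Order requirement (mandatory):** ... **Stage 1 (clip planning) must be executed immediately** ... **Trigger timing:** **execute immediately** after the user provides a YouTube URL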
Add an explicit confirmation step before launching Gemini/browser automation, and make the fallback/offline path and stopping conditions clear.
Future installs may pull newer package versions with different behavior or vulnerabilities.
The Python dependencies are version-ranged rather than pinned exactly. They are expected for this media-processing workflow, but the installed code may change over time.
yt-dlp>=2024.0.0 ... faster-whisper>=1.0.0 ... edge-tts>=6.1.0 ... openai>=1.0.0 ... requests>=2.28.0
Install in a virtual environment and prefer pinned, reviewed dependency versions or a lockfile.
Running the setup may install or update software on the machine, including via sudo on Debian/Ubuntu.
The setup instructions install system and Python packages. This is expected for video downloading, TTS, and FFmpeg subtitle rendering, but it changes the local environment.
sudo apt update -y sudo apt install -y ffmpeg yt-dlp libass-dev ... pip3 install edge-tts ... pip3 install yt-dlp
Review the commands first, run them manually where possible, and use an isolated environment for Python packages.
People or devices on the same local network may be able to access the generated video if the share server is exposed broadly.
The skill discloses that generated output may be shared over a LAN HTTP address, but the visible artifact excerpt does not specify authentication or network binding details.
Finally, share via **LAN HTTP** ... Output: output/final_hardsub.mp4, output/full_voiceover.mp3, output/subtitles.srt, HTTP share address
Only enable LAN sharing on trusted networks, document the bind address/port, and provide an easy way to disable sharing.
