← Back to Skills Marketplace

lgCapture

Name: lgCapture
Author: ly5201314gjx

by ly5201314gjx · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

497

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install lgcapture

Description

Automatically fetch Douyin videos from short, standard, or share links by extracting video ID and downloading via simulated iPhone browser.

README (SKILL.md)

lgCapture - 抖音视频抓取技能

技能描述

自动抓取抖音视频，支持短链接和标准链接。

使用方法

python3 douyin.py \x3C抖音链接>

支持的链接格式

https://v.douyin.com/xxx (短链接)
https://www.douyin.com/video/123456789 (标准链接)
https://www.iesdouyin.com/share/video/123456789 (分享链接)

核心算法 (2026-02-25 实测有效)

提取视频ID
Playwright 访问页面 (模拟 iPhone)
获取 video 元素 src 属性
解析 video_id 构造下载链接
下载保存

依赖

playwright
chromium

更新日志

v1.0: 初始版本
lgCapture: 优化算法，实测有效

Usage Guidance

This skill appears coherent and does what it says: load Douyin pages in a headless Chromium browser and download videos to /tmp. Before installing or running: (1) ensure you install Playwright and its browser binaries from the official source so you know what is being downloaded; (2) run the scripts in an isolated environment (container or VM) if you are concerned about network activity or handling untrusted links; (3) be aware of copyright/ToS implications for downloading content; (4) review or run the included code locally — it does not exfiltrate secrets or require credentials, but it will fetch remote content and save files to disk.

Capability Analysis

Type: OpenClaw Skill Name: lgcapture Version: 1.0.0 The skill bundle contains a script, `download.py`, which has a path traversal vulnerability. This script accepts an optional `output_file` argument from `sys.argv[2]` and uses it directly in `open(output_file, 'wb')` without any sanitization. Although the `SKILL.md` instructions guide the agent to use `douyin.py` (which is benign and writes only to `/tmp/`), the presence of `download.py` in the bundle means an attacker could potentially use prompt injection to instruct the agent to execute `download.py` with a malicious `output_file` path (e.g., `../../../../etc/passwd`), leading to arbitrary file write. This is a vulnerability that could be exploited, making the skill suspicious.

Capability Assessment

✓ Purpose & Capability

Name/description (fetch Douyin videos) align with the included Python scripts: both douyin.py and download.py parse Douyin links, use Playwright to load pages as an iPhone, extract video URLs and download them. No unrelated services, credentials, or binaries are requested.

✓ Instruction Scope

SKILL.md describes the same steps implemented in the code (extract video ID, simulate iPhone via Playwright, read video.src or observe network responses, download and save). The code only accesses network resources required to fetch the page and video (douyin domains and related CDNs) and writes output to /tmp; it does not read local secrets, other files, or send data to unexpected endpoints.

ℹ Install Mechanism

This is instruction‑plus-code with no install spec. SKILL.md declares dependencies (playwright, chromium) but the package does not install them automatically. Installing Playwright separately will typically download a Chromium binary; that external download is normal but worth noting since it pulls code onto disk outside the skill bundle.

✓ Credentials

The skill requires no environment variables, no credentials, and no config paths. The code uses standard libraries (requests, playwright) and only connects to Douyin/CDN URLs — so requested permissions are proportionate to the stated function.

✓ Persistence & Privilege

Skill is user-invocable, not always-enabled. It does not modify other skills or system-wide configuration. Runtime behavior writes downloaded video files to /tmp (transient) and does not request persistent system privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install lgcapture
After installation, invoke the skill by name or use /lgcapture
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of lgCapture - Automatic grabbing of Douyin videos using both short and standard links - Simple CLI usage: python3 douyin.py <link> - Supports multiple Douyin link formats - Uses Playwright (with Chromium) to simulate iPhone for video extraction - Improved extraction algorithm, confirmed effective as of 2026-02-25

Metadata

Slug lgcapture

Version 1.0.0

License —

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is lgCapture?

Automatically fetch Douyin videos from short, standard, or share links by extracting video ID and downloading via simulated iPhone browser. It is an AI Agent Skill for Claude Code / OpenClaw, with 497 downloads so far.

How do I install lgCapture?

Run "/install lgcapture" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is lgCapture free?

Yes, lgCapture is completely free (open-source). You can download, install and use it at no cost.

Which platforms does lgCapture support?

lgCapture is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created lgCapture?

It is built and maintained by ly5201314gjx (@ly5201314gjx); the current version is v1.0.0.

More Skills