← Back to Skills Marketplace
421
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install dz-podcast
Description
Generate and publish a dual-host daily podcast. Fetches news, generates a conversational script between two hosts, synthesizes audio via Fish Audio or Edge T...
README (SKILL.md)
Dual-Host Daily Podcast Generator
Automated daily podcast with two AI hosts. Generates text brief + dual-voice audio, publishes to RSS, delivers via messaging.
Concept
- Format: Two hosts — one explains/analyzes, the other asks and transitions
- Duration: Configurable, default ~7 minutes
- Style: Casual, opinionated, conversational — like two friends chatting about the news
- Topics: Customizable (default: AI/Tech, Stocks, Macro, Crypto)
Architecture
Fetch News → Text Brief → Dual-Voice Script → TTS Audio → S3 Upload → RSS Update → Deliver
Configuration
Set these in your environment:
| Variable | Description |
|---|---|
S3_BUCKET |
S3 bucket name |
PODCAST_DOMAIN |
Custom domain or S3 URL |
FISH_API_KEY |
Fish Audio API key (https://fish.audio) |
FISH_VOICE_A |
Fish Audio voice ID for Host A |
FISH_VOICE_B |
Fish Audio voice ID for Host B |
Step 1: Fetch News
Use web_fetch to scrape sources in parallel. Default sources:
https://news.ycombinator.com/— Techhttps://www.coindesk.com/— Cryptohttps://techcrunch.com/category/artificial-intelligence/— AIhttps://finance.yahoo.com/— Markets
Customize sources to match your podcast topic.
Step 2: Generate Text Brief
Organize news into sections with emoji headers:
☀️ Daily Brief | Mar 3, 2026
━━━━━━━━━━━━━━━━━━
🤖 Tech / AI
① Headline
→ One-line take
━━━━━━━━━━━━━━━━━━
📈 Markets
① Headline
→ One-line take
━━━━━━━━━━━━━━━━━━
🎯 Key Takeaway
Summary paragraph
Step 3: Generate Dual-Voice Script
Rewrite the brief as a dialogue. Prefix each line with speaker tag:
HostA: Welcome to today's episode...
HostB: Some big stories today...
HostA: Right, let's start with...
Guidelines:
- Host A: Explains and analyzes, knowledgeable but casual
- Host B: Asks, transitions, reacts
- Substantial turns, not one-liners
- Include analysis and discussion, not just headlines
- End with a lighter topic + sign-off
Step 4: Generate Audio
Fish Audio (recommended — natural, multi-voice):
python3 scripts/fish_dual_tts.py \x3Cscript.txt> \x3Coutput.mp3>
Parses speaker tags, sends each segment to Fish Audio, concatenates into final MP3.
Edge TTS (free fallback, single voice):
edge-tts --voice en-US-GuyNeural --rate "+5%" --file script.txt --write-media output.mp3
Step 5: Publish
bash scripts/generate_episode.sh \x3Cdate> \x3CEP-number> \x3Ctitle> \x3Cdescription> \x3Cmp3-file>
What it does:
- Upload MP3 to S3
- Get actual duration via ffprobe
- Insert
\x3Citem>into RSS feed (newest first) - Update
\x3ClastBuildDate>
Step 6: Deliver
Send text brief + audio via your preferred channel (Telegram, Discord, Slack, etc.)
RSS Feed
See references/rss-format.md for XML template.
Key rules:
\x3Citunes:duration>= actual duration from ffprobe (never hardcode)\x3Cenclosure length>= actual file size in bytes\x3Citunes:owner>with email for Apple/Spotify verification- Cover: 3000x3000 JPEG minimum
Hosting Options
| Option | Notes |
|---|---|
| S3 + Cloudflare Worker | Free HTTPS, recommended |
| S3 + CloudFront | Native AWS |
| Any static host | Just serve MP3 + feed.xml |
Cron (OpenClaw)
openclaw cron add --task "Generate daily podcast" --cron "0 8 * * *" --tz "Your/Timezone"
Dependencies
python3+requests— Fish Audio TTSffmpeg/ffprobe— Audio processingawsCLI — S3 uploadedge-tts(optional) — Free fallback TTS
Usage Guidance
This skill appears to implement what it claims, but it has multiple inconsistencies and sloppy defaults you should fix before using in production: 1) Metadata incorrectly claims no required env vars — treat S3 credentials and the Fish Audio API key as required secrets. 2) fish_dual_tts.py contains hard-coded placeholder API_KEY and VOICE IDs instead of reading FISH_API_KEY / FISH_VOICE_A / FISH_VOICE_B from the environment; update the script to read credentials from env vars and never commit real keys into code. 3) The script parser and the documentation use different speaker formats ([HostA] vs HostA:); reconcile them so TTS segments are parsed correctly. 4) generate_episode.sh uses the aws CLI and whatever AWS credentials are present on the machine; run this only with an IAM user/role that has minimal S3 permissions (putObject/listObject) scoped to the podcast bucket. 5) Test in an isolated account or environment before giving it access to your real S3 or messaging channels. 6) Review web scraping targets for legal/robots constraints. If you want to proceed, require the author to: update registry metadata to declare required env vars and binaries, change code to read env vars securely, and add input validation/error handling. Absent these fixes, treat the skill as untrusted and run only in a sandbox with least-privilege credentials.
Capability Analysis
Type: OpenClaw Skill
Name: dz-podcast
Version: 1.0.0
The skill bundle contains critical shell injection vulnerabilities within `scripts/generate_episode.sh`. Specifically, the `date -d "${DATE}"` command allows arbitrary command execution if the `$DATE` variable is controlled by an attacker, and the `sed` command embedding `$NEW_ITEM` is also vulnerable to injection. These flaws could lead to Remote Code Execution (RCE) if an attacker can influence the inputs (e.g., podcast title, description, or date) provided to the script, either directly or via prompt injection against the OpenClaw agent. While the overall intent of the skill (podcast generation) appears benign, these severe vulnerabilities classify it as suspicious due to the high risk of exploitation.
Capability Assessment
Purpose & Capability
The functionality (fetch news, generate script, TTS, upload to S3, update RSS) is coherent with the name/description. However the registry metadata claims no required environment variables or binaries while the SKILL.md and included scripts clearly require S3 access, an external TTS API key (Fish Audio), ffprobe/ffmpeg, and the aws CLI. That mismatch (metadata says 'none' but the runtime needs credentials/tools) is a substantive incoherence.
Instruction Scope
SKILL.md instructions stay within podcast generation/publishing scope (scrape news, create dialogue, synthesize audio, upload, update RSS). However there are practical/behavioral issues: it tells the agent to 'web_fetch' scrape several sites (reasonable for news but watch robots/terms-of-service), and references delivering via messaging without specifying endpoints. More importantly, the code expects/uses formats different from examples (script parser expects '[HostA] text' but docs show 'HostA: ...'), and generate_episode.sh edits feed.xml in /tmp then uploads — typical but relies on aws CLI and whatever credentials are present. Overall behavior is within the claimed purpose but not robust or fully specified.
Install Mechanism
There is no install spec and the skill is instruction-only with included scripts — nothing is downloaded or executed at install time. This lowers supply-chain risk. Required runtime dependencies are listed in SKILL.md but not enforced by an install step.
Credentials
The skill actually needs sensitive credentials and local config (S3 bucket access via aws CLI credentials, Fish Audio API key) but the registry metadata lists 'Required env vars: none'. The included fish_dual_tts.py hard-codes API_KEY/VOICE IDs as placeholders instead of reading environment variables (SKILL.md expects FISH_API_KEY, FISH_VOICE_A/B). generate_episode.sh uses S3_BUCKET/PODCAST_DOMAIN environment variables but falls back to defaults, and will use whatever AWS credentials are configured on the host. These discrepancies mean you could accidentally expose or use the wrong credentials; required secrets are not declared and the code does not safely read them.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent settings. It runs as an on-demand tool and performs publishing actions (S3 uploads) when invoked — standard for this purpose. Autonomous invocation is allowed (platform default) but is not combined with other high-risk privileges here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install dz-podcast - After installation, invoke the skill by name or use
/dz-podcast - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
dz-podcast 1.0.0 — Initial Release
- Fully automated, dual-host daily podcast generator.
- Fetches news, generates conversational scripts, creates dual-voice audio (Fish Audio or Edge TTS), and publishes episodes to S3 with a valid RSS feed.
- Full support for Apple Podcasts, Spotify, and other major platforms.
- Highly configurable topics, sources, and delivery channels.
- Built-in cron automation for daily episode creation.
Metadata
Frequently Asked Questions
What is Dual-Host Daily Podcast Generator?
Generate and publish a dual-host daily podcast. Fetches news, generates a conversational script between two hosts, synthesizes audio via Fish Audio or Edge T... It is an AI Agent Skill for Claude Code / OpenClaw, with 421 downloads so far.
How do I install Dual-Host Daily Podcast Generator?
Run "/install dz-podcast" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Dual-Host Daily Podcast Generator free?
Yes, Dual-Host Daily Podcast Generator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Dual-Host Daily Podcast Generator support?
Dual-Host Daily Podcast Generator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Dual-Host Daily Podcast Generator?
It is built and maintained by Dachao (@dz1922); the current version is v1.0.0.
More Skills