← Back to Skills Marketplace
davincievans

Bilibili Subtitle Downloader

by 达芬奇_Davinci · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
4332
Downloads
3
Stars
33
Active Installs
1
Versions
Install in OpenClaw
/install bilibili-subtitle-download-skill
Description
下载 Bilibili 视频字幕,将其进行分块以供 LLM(大语言模型)处理,并生成高质量的总结。当用户提供 Bilibili BV 号或 URL,并希望获取视频内容的总结、核心要点或详细的分解时使用。
Usage Guidance
Review before installing. Only scan the Bilibili QR code in a workspace you trust, because the skill saves reusable account cookies locally. After use, consider deleting ~/.openclaw/workspace/bilibili_cookie.txt and bilibili_cheese_session.json, and avoid passing untrusted or malformed video IDs.
Capability Analysis
Type: OpenClaw Skill Name: bilibili-subtitle-download-skill Version: 1.0.0 The skill is classified as suspicious due to a path traversal vulnerability present in both `scripts/download_and_chunk.py` and `scripts/cheese_downloader.py`. The scripts use unsanitized user-provided IDs (BV_ID, EP_ID) directly in `os.path.join` when constructing output directory paths (e.g., `bili_temp/<ID>/`), which could allow an attacker to write files to arbitrary locations on the filesystem. While the skill transparently handles and saves Bilibili login cookies to the OpenClaw workspace, this is a sensitive operation that, combined with the path traversal, could pose a higher risk, though the primary intent of the cookie saving itself is not malicious.
Capability Assessment
Purpose & Capability
Downloading and chunking Bilibili subtitles is coherent with the stated purpose, and the body does disclose BV and Cheese SS/EP workflows. The authenticated course access and account login are purpose-adjacent but materially more sensitive than the short description suggests.
Instruction Scope
The instructions run bundled Python scripts and use a summarization prompt over generated subtitle chunks. I did not find hidden role changes, destructive commands, or autonomous background behavior.
Install Mechanism
The artifact has no installer or lockfile, but the scripts depend on third-party Python packages such as bilibili_api, qrcode, aiohttp, and requests. That is not malicious, but users cannot verify dependency versions from the artifact alone.
Credentials
Network calls to Bilibili APIs and writing subtitle chunks under bili_temp are proportionate for this downloader. The scripts also fetch subtitle URLs returned by Bilibili without allowlisting destination hosts, which is a validation weakness rather than evidence of exfiltration.
Persistence & Privilege
The skill persists Bilibili session cookies in ~/.openclaw/workspace/bilibili_cookie.txt and also writes bilibili_cheese_session.json in the working directory. The Cheese session file persistence is not clearly disclosed in the skill text, and neither path has permission hardening, retention limits, or cleanup instructions.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install bilibili-subtitle-download-skill
  3. After installation, invoke the skill by name or use /bilibili-subtitle-download-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the bilibili-subtitle-downloader skill. - Supports downloading and chunking Bilibili video subtitles using Python scripts. - Handles both regular videos (BV ID) and Bilibili courses/episodes (SS/EP ID). - Provides QR code-based login for authentication when required. - Outputs chunked subtitle files for easy processing and summarization. - Includes recommended prompt template for generating accurate and structured summaries from subtitle chunks.
Metadata
Slug bilibili-subtitle-download-skill
Version 1.0.0
License
All-time Installs 33
Active Installs 33
Total Versions 1
Frequently Asked Questions

What is Bilibili Subtitle Downloader?

下载 Bilibili 视频字幕,将其进行分块以供 LLM(大语言模型)处理,并生成高质量的总结。当用户提供 Bilibili BV 号或 URL,并希望获取视频内容的总结、核心要点或详细的分解时使用。 It is an AI Agent Skill for Claude Code / OpenClaw, with 4332 downloads so far.

How do I install Bilibili Subtitle Downloader?

Run "/install bilibili-subtitle-download-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Bilibili Subtitle Downloader free?

Yes, Bilibili Subtitle Downloader is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Bilibili Subtitle Downloader support?

Bilibili Subtitle Downloader is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Bilibili Subtitle Downloader?

It is built and maintained by 达芬奇_Davinci (@davincievans); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments