← Back to Skills Marketplace
1061
Downloads
0
Stars
9
Active Installs
1
Versions
Install in OpenClaw
/install audio-editor
Description
Perform audio editing tasks including trimming, volume adjustment, format conversion, and extracting audio from video files using natural language commands.
README (SKILL.md)
Audio Editor
Description
音频处理技能,支持剪辑、音量调整、格式转换、提取视频音频等操作。
Dependencies
- ffmpeg >= 5.0
Commands
edit_audio
- Description: 自然语言执行音频处理
- Parameters:
- command: 音频处理需求(必填)
- output: 输出路径(可选)
- Output: 处理后的音频路径
extract_audio
- Description: 从视频提取音频
- Parameters:
- input: 视频路径(必填)
- output: 输出音频路径(可选)
- Output: 提取的音频路径
Usage Guidance
This skill performs audio work with ffmpeg, which matches its description, but the included script constructs shell commands and uses eval on user-provided text. That allows arbitrary shell execution if input is not strictly controlled. Before installing or running: (1) ensure you trust the skill source; (2) inspect and test the script in a safe environment; (3) do not run it with untrusted natural-language inputs; (4) consider patching the script to remove eval, build command arrays, properly quote/escape filenames, and whitelist acceptable operations; (5) ensure ffmpeg, grep -P, and bc are available. If you need the same functionality in a higher-security context, prefer a version that avoids eval and validates inputs.
Capability Analysis
Type: OpenClaw Skill
Name: audio-editor
Version: 1.0.0
The skill is highly suspicious due to a critical shell injection vulnerability (RCE) found in `scripts/audio_run.sh`. The `parse_natural_language` function, if it fails to match specific audio processing patterns, directly echoes the user-provided `command` parameter. This unsanitized output is then executed via `eval "$AUDIO_CMD"` in the main logic, allowing an attacker to execute arbitrary shell commands. While this is a severe vulnerability, there is no clear evidence of intentional malicious behavior like data exfiltration or persistence, classifying it as a flaw that *allows* attacks rather than being *designed* to attack.
Capability Assessment
Purpose & Capability
Skill claims audio editing and the script performs ffmpeg-based operations, which is consistent. However the registry metadata lists no required binaries while SKILL.md names ffmpeg >= 5.0; the script also relies on grep -P and bc but those are not declared. This mismatch between declared requirements and actual runtime needs is worth noting.
Instruction Scope
The runtime script (scripts/audio_run.sh) parses natural-language input but falls back to echoing the raw user-provided string and then runs eval on it. That means if the command doesn't match the simple parsing rules the script will execute arbitrary shell code supplied by the user. Constructed ffmpeg commands are built without robust quoting/escaping, so malicious or malformed filenames or input could lead to command injection or unintended shell execution. The SKILL.md does not warn about this behaviour or limit allowed inputs.
Install Mechanism
No install spec (instruction-only plus a helper script). Nothing is downloaded or written by an installer, which reduces supply-chain risk. The script itself will run locally when invoked.
Credentials
The skill requests no credentials or special environment variables. It does use $HOME for a default output path and expects ffmpeg, grep (with -P support), and bc to be available — these are reasonable for audio processing but were not fully declared in registry metadata.
Persistence & Privilege
always is false and the skill is user-invocable only. It does not request persistent system-wide changes or modify other skills/configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install audio-editor - After installation, invoke the skill by name or use
/audio-editor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Audio Editor 1.0.0 – Initial Release
- 提供音频处理功能,包括剪辑、音量调整、格式转换等
- 支持从视频中提取音频
- 新增 edit_audio 命令:通过自然语言进行音频编辑
- 新增 extract_audio 命令:直接从视频提取音频
- 依赖 ffmpeg >= 5.0
Metadata
Frequently Asked Questions
What is Audio Editor?
Perform audio editing tasks including trimming, volume adjustment, format conversion, and extracting audio from video files using natural language commands. It is an AI Agent Skill for Claude Code / OpenClaw, with 1061 downloads so far.
How do I install Audio Editor?
Run "/install audio-editor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Audio Editor free?
Yes, Audio Editor is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Audio Editor support?
Audio Editor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Audio Editor?
It is built and maintained by jwl1992 (@jwl1992); the current version is v1.0.0.
More Skills