← 返回 Skills 市场
edmonddantesj

AOI Demo Clip Maker

作者 edmonddantesj · GitHub ↗ · v0.1.4
cross-platform ⚠ suspicious
784
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install aoi-demo-clip-maker
功能描述
Create and edit macOS hackathon demo clips via terminal commands to record, crop, trim, and apply presets using ffmpeg/ffprobe locally.
使用说明 (SKILL.md)

AOI Demo Clip Maker (macOS)

S-DNA: AOI-2026-0215-SDNA-CLIP01

What this is

A terminal-only (public-safe) utility skill to create hackathon demo clips on macOS.

It wraps ffmpeg/ffprobe to:

  • list capture devices (avfoundation)
  • record a screen for N seconds
  • crop the top bar (menu/title)
  • trim clips
  • use simple presets

What this is NOT

  • No YouTube upload
  • No form submission
  • No external posting
  • No secret handling

Requirements

  • macOS
  • ffmpeg and ffprobe installed
  • Screen Recording permission granted to your terminal app

Commands

1) List devices (avfoundation)

aoi-clip devices

2) Record (screen capture)

# pixel_format auto-fallback is enabled by default
# (tries: uyvy422 → nv12 → yuyv422 → 0rgb → bgr0)
aoi-clip record --out tempo_demo_raw.mp4 --duration 15 --fps 30 --screen "Capture screen 0"

# optionally force a specific pixel format
# aoi-clip record --out tempo_demo_raw.mp4 --duration 15 --fps 30 --screen "Capture screen 0" --pixel uyvy422

3) Crop top bar

# explicit crop
aoi-clip crop --in tempo_demo_raw.mp4 --out tempo_demo_crop.mp4 --top 150

# auto-recommend top crop based on video height (still applies crop, but chooses a value)
aoi-clip crop --in tempo_demo_raw.mp4 --out tempo_demo_crop.mp4 --top auto

4) Trim

aoi-clip trim --in tempo_demo_crop.mp4 --out tempo_demo_15s.mp4 --from 0 --to 15

5) Preset: terminal

aoi-clip preset terminal --out demo.mp4

Security / Audit posture

This skill runs local ffmpeg/ffprobe only, using a strict allowlist of binaries and arguments.

Release governance (public)

We publish AOI skills for free and keep improving them. Every release must pass our Security Gate and include an auditable changelog. We do not ship updates that weaken security or licensing clarity. Repeated violations trigger progressive restrictions (warnings → publish pause → archive).

Support

License

MIT

安全使用建议
This skill appears to do what it says: run local ffmpeg/ffprobe commands to record and edit demo clips on macOS. Before installing or running it: (1) ensure ffmpeg and ffprobe are from a trusted source, (2) only run the CLI from an unprivileged account (avoid root), (3) be cautious about filenames/paths you pass to crop/trim — the script does not consistently block absolute paths or path traversal for all commands, so don't supply sensitive system paths as inputs/outputs, and (4) understand that although binaries are allowlisted, arguments are not validated, so review exact ffmpeg usage if you need stricter argument controls. If you want higher assurance, request the author to (a) consistently sanitize/validate input/output paths for all commands and (b) implement an explicit allowlist or sanitization for ffmpeg arguments or construct ffmpeg invocations in a way that prevents injection of unintended flags.
功能分析
Type: OpenClaw Skill Name: aoi-demo-clip-maker Version: 0.1.4 The skill bundle is classified as suspicious due to a path traversal vulnerability in the `crop` and `trim` functions within `skill.js`. While the skill correctly uses an allowlist for binaries (`ffmpeg`, `ffprobe`) and `spawnSync` to prevent shell injection, it fails to sanitize or validate the `inFile` and `out` arguments for path traversal in `crop` and `trim`. This allows an attacker to specify arbitrary file paths (e.g., `../../../etc/passwd`) for input and output, potentially leading to unauthorized file reads or writes outside the intended working directory. The `record` function does include a check for its `out` argument, but this check is not consistently applied across all file-handling functions, and `presetTerminal` passes an unchecked `out` argument to `crop`.
能力评估
Purpose & Capability
Name/description match the code and SKILL.md: the skill wraps ffmpeg/ffprobe to list devices, record, crop, trim, and provide a preset. It does not request unrelated credentials or config paths. The only external dependency it requires in practice is ffmpeg/ffprobe (documented in SKILL.md).
Instruction Scope
SKILL.md describes only local ffmpeg/ffprobe usage and no network/exfiltration. The code adheres to that: it spawns local ffmpeg/ffprobe processes and prints output. However, the README claims a “strict allowlist of binaries and arguments” while the implementation only enforces a binaries allowlist (ALLOWED_BINS) and does not validate or restrict ffmpeg arguments. Also, record enforces that --out be a simple filename (no '/' or '..'), but crop/trim/preset do not consistently restrict output paths — so the code may read/write arbitrary paths supplied by the user.
Install Mechanism
No install spec; this is an instruction-only skill with an included Node CLI script. No external downloads or install steps are present in the package metadata.
Credentials
The skill requests no environment variables, no credentials, and no config files. It does not attempt network connections or include any hard-coded endpoints. This is proportionate for a local ffmpeg wrapper.
Persistence & Privilege
always is false and the skill does not modify other skills or system configuration. It runs only when invoked and doesn't request elevated persistent privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install aoi-demo-clip-maker
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /aoi-demo-clip-maker 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.4
Fix arg parsing: allow single-level commands where the second token is a flag (e.g. aoi-clip --help).
v0.1.3
Docs: add GitHub Issues support link (aoi-skills).
v0.1.2
Crop: add --top auto (ffprobe-based heuristic recommendation). Version bump.
v0.1.1
Record: add pixel_format auto-fallback (uyvy422→nv12→yuyv422→0rgb→bgr0). Docs updated. MIT.
v0.1.0
Initial terminal-only release. Record/crop/trim/preset using ffmpeg/ffprobe with strict allowlist. MIT.
元数据
Slug aoi-demo-clip-maker
版本 0.1.4
许可证
累计安装 0
当前安装数 0
历史版本数 5
常见问题

AOI Demo Clip Maker 是什么?

Create and edit macOS hackathon demo clips via terminal commands to record, crop, trim, and apply presets using ffmpeg/ffprobe locally. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 784 次。

如何安装 AOI Demo Clip Maker?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install aoi-demo-clip-maker」即可一键安装,无需额外配置。

AOI Demo Clip Maker 是免费的吗?

是的,AOI Demo Clip Maker 完全免费(开源免费),可自由下载、安装和使用。

AOI Demo Clip Maker 支持哪些平台?

AOI Demo Clip Maker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 AOI Demo Clip Maker?

由 edmonddantesj(@edmonddantesj)开发并维护,当前版本 v0.1.4。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论