← 返回 Skills 市场
jwl1992

Audio Editor

作者 jwl1992 · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1061
总下载
0
收藏
9
当前安装
1
版本数
在 OpenClaw 中安装
/install audio-editor
功能描述
Perform audio editing tasks including trimming, volume adjustment, format conversion, and extracting audio from video files using natural language commands.
使用说明 (SKILL.md)

Audio Editor

Description

音频处理技能,支持剪辑、音量调整、格式转换、提取视频音频等操作。

Dependencies

  • ffmpeg >= 5.0

Commands

edit_audio

  • Description: 自然语言执行音频处理
  • Parameters:
    • command: 音频处理需求(必填)
    • output: 输出路径(可选)
  • Output: 处理后的音频路径

extract_audio

  • Description: 从视频提取音频
  • Parameters:
    • input: 视频路径(必填)
    • output: 输出音频路径(可选)
  • Output: 提取的音频路径
安全使用建议
This skill performs audio work with ffmpeg, which matches its description, but the included script constructs shell commands and uses eval on user-provided text. That allows arbitrary shell execution if input is not strictly controlled. Before installing or running: (1) ensure you trust the skill source; (2) inspect and test the script in a safe environment; (3) do not run it with untrusted natural-language inputs; (4) consider patching the script to remove eval, build command arrays, properly quote/escape filenames, and whitelist acceptable operations; (5) ensure ffmpeg, grep -P, and bc are available. If you need the same functionality in a higher-security context, prefer a version that avoids eval and validates inputs.
功能分析
Type: OpenClaw Skill Name: audio-editor Version: 1.0.0 The skill is highly suspicious due to a critical shell injection vulnerability (RCE) found in `scripts/audio_run.sh`. The `parse_natural_language` function, if it fails to match specific audio processing patterns, directly echoes the user-provided `command` parameter. This unsanitized output is then executed via `eval "$AUDIO_CMD"` in the main logic, allowing an attacker to execute arbitrary shell commands. While this is a severe vulnerability, there is no clear evidence of intentional malicious behavior like data exfiltration or persistence, classifying it as a flaw that *allows* attacks rather than being *designed* to attack.
能力评估
Purpose & Capability
Skill claims audio editing and the script performs ffmpeg-based operations, which is consistent. However the registry metadata lists no required binaries while SKILL.md names ffmpeg >= 5.0; the script also relies on grep -P and bc but those are not declared. This mismatch between declared requirements and actual runtime needs is worth noting.
Instruction Scope
The runtime script (scripts/audio_run.sh) parses natural-language input but falls back to echoing the raw user-provided string and then runs eval on it. That means if the command doesn't match the simple parsing rules the script will execute arbitrary shell code supplied by the user. Constructed ffmpeg commands are built without robust quoting/escaping, so malicious or malformed filenames or input could lead to command injection or unintended shell execution. The SKILL.md does not warn about this behaviour or limit allowed inputs.
Install Mechanism
No install spec (instruction-only plus a helper script). Nothing is downloaded or written by an installer, which reduces supply-chain risk. The script itself will run locally when invoked.
Credentials
The skill requests no credentials or special environment variables. It does use $HOME for a default output path and expects ffmpeg, grep (with -P support), and bc to be available — these are reasonable for audio processing but were not fully declared in registry metadata.
Persistence & Privilege
always is false and the skill is user-invocable only. It does not request persistent system-wide changes or modify other skills/configs.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install audio-editor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /audio-editor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Audio Editor 1.0.0 – Initial Release - 提供音频处理功能,包括剪辑、音量调整、格式转换等 - 支持从视频中提取音频 - 新增 edit_audio 命令:通过自然语言进行音频编辑 - 新增 extract_audio 命令:直接从视频提取音频 - 依赖 ffmpeg >= 5.0
元数据
Slug audio-editor
版本 1.0.0
许可证
累计安装 11
当前安装数 9
历史版本数 1
常见问题

Audio Editor 是什么?

Perform audio editing tasks including trimming, volume adjustment, format conversion, and extracting audio from video files using natural language commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1061 次。

如何安装 Audio Editor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install audio-editor」即可一键安装,无需额外配置。

Audio Editor 是免费的吗?

是的,Audio Editor 完全免费(开源免费),可自由下载、安装和使用。

Audio Editor 支持哪些平台?

Audio Editor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Audio Editor?

由 jwl1992(@jwl1992)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论