← 返回 Skills 市场
psyb0t

mediaproc

作者 Ciprian Mandache · GitHub ↗ · v2.0.1 · MIT-0
cross-platform ⚠ suspicious
1254
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install mediaproc
功能描述
Process media files (video, audio, images) via a locked-down SSH container with ffmpeg, sox, and imagemagick. Use when the user wants to transcode video, pro...
安全使用建议
This skill appears to do what it says (run media tools inside a remote container over SSH), but there are some practical and security issues to consider before using it: - Environment mismatch: The registry metadata does not declare MEDIAPROC_HOST and MEDIAPROC_PORT, yet the script and SKILL.md require them. Expect to set these to point at a trusted mediaproc server you control. - SSH risks: The provided wrapper will automatically accept new host keys (StrictHostKeyChecking=accept-new). That simplifies first-time use but increases the risk of a man-in-the-middle attack. Prefer to verify host keys manually or use known_hosts management. - Install recommendation is risky: references/setup.md suggests piping a GitHub raw install.sh into sudo bash. Do NOT run that blind. Inspect the install.sh contents locally (git clone or curl to a file and review) before running, or build/run the container yourself. - Trust the remote host: Media and file uploads are sent to the mediaproc server; a compromised or malicious server can read/exfiltrate uploaded files or execute arbitrary commands. Only point MEDIAPROC_HOST at a host you control or fully trust. - Mitigations: review the install script, run the mediaproc container locally if possible, use an ephemeral SSH key restricted to the mediaproc instance, verify host keys, and avoid using sudo piping from the web. If you need stronger assurance, ask the publisher for signed releases or source code you can audit. If the publisher updates the registry metadata to declare the required env vars and removes or documents safer install steps (no sudo curl|bash), the incoherence and install risk would be resolved and my confidence would increase.
功能分析
Type: OpenClaw Skill Name: mediaproc Version: 2.0.1 The skill bundle contains high-risk patterns, most notably in references/setup.md, which encourages users to execute a remote script via 'curl | sudo bash', a common vector for supply chain attacks. Additionally, the SSH wrapper in scripts/mediaproc.sh passes raw, unvalidated arguments ('$*') to the remote host and uses 'StrictHostKeyChecking=accept-new', which could facilitate command injection or man-in-the-middle attacks. While these represent significant security vulnerabilities, they appear to be design flaws rather than intentional malware.
能力评估
Purpose & Capability
The SKILL.md requires MEDIAPROC_HOST and MEDIAPROC_PORT and SSH access to a mediaproc instance, but the registry metadata lists no required env vars or credentials — that mismatch is incoherent. Otherwise the commands and wrapper script align with the stated media-processing purpose.
Instruction Scope
Runtime instructions allow uploading files and running arbitrary media commands on a remote container via SSH, which is consistent with the purpose. However the wrapper uses ssh with StrictHostKeyChecking=accept-new (automatic acceptance of new host keys), which raises MITM risk. The instructions also point users to running an install script that provisions SSH keys and a local mediaproc host; those setup directions increase the attack surface if the remote image or install script is untrusted.
Install Mechanism
There is no formal install spec in the registry, but references/setup.md tells users to run curl -fsSL https://raw.githubusercontent.com/psyb0t/docker-mediaproc/main/install.sh | sudo bash. Piping a remote script to sudo bash is a high-risk recommendation even when hosted on GitHub raw; it can run arbitrary code as root. The skill itself doesn’t install code, but the provided setup guidance is risky.
Credentials
The skill does not declare required env vars in the registry metadata, yet both SKILL.md and scripts/mediaproc.sh require MEDIAPROC_HOST and MEDIAPROC_PORT. That inconsistency hides the fact that the agent/user must supply network endpoints and SSH access (and will expose file transfer through that channel). No API keys are requested, which is appropriate, but the missing declared env vars is misleading.
Persistence & Privilege
The skill is not always-enabled and does not request system-level privileges in the registry. The wrapper is a simple SSH proxy and does not modify other skills or agent config. Autonomous invocation is allowed (default) but that is normal behavior and not by itself a concern.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install mediaproc
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /mediaproc 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.1
No user-visible changes in this version. - Version bump only; no changes detected in skill documentation or files.
v2.0.0
v2
v1.0.2
Initial release. - Process video, audio, and image files via SSH in a locked-down container. - Provides common media tools: ffmpeg, sox, ImageMagick, and related utilities. - Supports secure file operations: upload, download, list, remove, and directory management within a confined workspace. - Includes video, audio, and image processing examples and plugin support for effects. - Enforces strong security by whitelisting commands and locking all paths under /work.
v1.1.0
- Added explicit instructions for accepting the SSH host key on first connection to prevent host verification errors. - Clarified usage of the `ls` command: output style (`ls -alph`), exclusion of `.` and `..`, and support for `--json` flag. - Updated file management examples to show both standard and JSON listing with `ls`. - No code or interface changes; these are documentation and usability improvements.
v1.0.0
Initial release of mediaproc. - Provides locked-down media processing over SSH using ffmpeg, sox, and ImageMagick. - All operations are confined to a container and restricted to whitelisted commands—no shell access or injection risk. - Supports file management commands (ls, put, get, rm, mkdir, rmdir, rrmdir). - Allows audio, video, and image transformations, with multiple plugin and font options. - Requires configuration of MEDIAPROC_HOST and MEDIAPROC_PORT. - Enhanced security: SSH key authentication only, strict path confinement, and complete shell exclusion.
元数据
Slug mediaproc
版本 2.0.1
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 5
常见问题

mediaproc 是什么?

Process media files (video, audio, images) via a locked-down SSH container with ffmpeg, sox, and imagemagick. Use when the user wants to transcode video, pro... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1254 次。

如何安装 mediaproc?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install mediaproc」即可一键安装,无需额外配置。

mediaproc 是免费的吗?

是的,mediaproc 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

mediaproc 支持哪些平台?

mediaproc 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 mediaproc?

由 Ciprian Mandache(@psyb0t)开发并维护,当前版本 v2.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论