← 返回 Skills 市场
62
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install reel-digest
功能描述
Download, transcribe, extract frames, and deeply analyze any video or reel from URL (Instagram, YouTube, TikTok, X, direct MP4). Use when user shares a video...
安全使用建议
What to consider before installing: 1) The tool does what it says (downloads and analyzes videos) and needs local binaries (ffmpeg, yt-dlp, curl) and the faster-whisper Python package. 2) Safety concerns: the Python script builds shell commands using user-supplied URLs with shell=True, which can allow command injection if a malicious URL is provided; it also fetches arbitrary URLs (possible SSRF to internal services). 3) Mitigations: only run this skill in a sandboxed environment (isolated container or VM) with limited filesystem and network access; validate or sanitize URLs before use; replace subprocess.run(..., shell=True, f'...{url}...') with safe argument lists (list form) or proper escaping; restrict network egress if you don't want the agent accessing internal hosts; inspect/confirm presence and source of yt-dlp and other binaries before running. 4) If you are not comfortable patching/sandboxing, avoid installing or only use on unprivileged throwaway systems.
能力标签
能力评估
Purpose & Capability
Name/description (download, frames, transcription, analysis) matches what the code and SKILL.md implement. Declared runtime requirements (curl, ffmpeg, yt-dlp, faster-whisper) are appropriate and appear necessary for the described pipeline.
Instruction Scope
Runtime instructions and included scripts do only the claimed tasks (download video, extract audio/frames, transcribe). However the code accepts arbitrary URLs and performs network fetches (urllib/curl/yt-dlp) which can be used to access internal network resources (SSRF) or untrusted hosts. More seriously, reel-digest.py constructs shell commands with user-supplied URL/paths and uses subprocess.run(..., shell=True) and f-strings without robust escaping—this can lead to command injection if an attacker controls the URL or provides specially crafted input. These runtime behaviors go beyond mere analysis and require careful input sanitization or sandboxing.
Install Mechanism
No installation downloads or external install steps are declared (instruction-only install). All code is included in the package. This is lower risk than an installer that fetches arbitrary code, but the package relies on existing third-party binaries (yt-dlp, ffmpeg, curl) and Python libs (faster-whisper) which must be present on the host.
Credentials
The skill requests no environment variables, credentials, or config paths. The listed external requirements (binaries and faster-whisper) are proportional to the stated purpose. There is no built-in credential exfiltration or unexpected secret access in the code.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges or modify other skills. It runs on demand and writes outputs to a chosen output directory (defaults to a temp dir).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install reel-digest - 安装完成后,直接呼叫该 Skill 的名称或使用
/reel-digest触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Instagram embed extraction, Whisper transcription, frame extraction, full AI analysis pipeline
元数据
常见问题
Reel Digest 是什么?
Download, transcribe, extract frames, and deeply analyze any video or reel from URL (Instagram, YouTube, TikTok, X, direct MP4). Use when user shares a video... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 62 次。
如何安装 Reel Digest?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install reel-digest」即可一键安装,无需额外配置。
Reel Digest 是免费的吗?
是的,Reel Digest 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Reel Digest 支持哪些平台?
Reel Digest 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Reel Digest?
由 zinou(@casperzinou)开发并维护,当前版本 v1.0.0。
推荐 Skills