LiveVideoStore

Python-based LiveVideoStore client with voice interaction, GUI, volume control, session management, and encrypted audio transmission for live streaming.

This package will capture microphone audio and send it (encrypted) to remote servers and will POST device identifiers to an OTA API. The SKILL.md does not list the external endpoints used. Before installing or running it: (1) verify the source and provenance — prefer code from a trusted repository and maintainer; (2) inspect the full script locally and search for network endpoints (you can grep for 'api.tenclass.net', '120.24.160.13', 'xiaozhi.me'); (3) run it in a sandbox or isolated VM if you want to test; (4) if you need the functionality but worry about privacy, consider modifying the code to point to a server you control or remove outbound network calls; (5) be aware it will persist a device_config file in the working directory and open UDP/MQTT connections; (6) don't run this on machines with sensitive audio or on networks where sending device identifiers is unacceptable. If you can, ask the publisher for documentation about the remote services and policies for stored/transmitted audio and device metadata before use.

Type: OpenClaw Skill Name: ult-xiaoyou Version: 1.0.0 The script `ult-xiaoyou.py` emulates a voice assistant client but performs high-risk actions, such as instructing the user to manually place a DLL in the `C:\Windows\System32` directory and using the `pynput` library for global keyboard monitoring to implement push-to-talk. It transmits encrypted audio data to a hardcoded IP address (120.24.160.13) and fetches MQTT credentials from an external API (api.tenclass.net). While these behaviors appear consistent with the stated purpose of a voice client, the requirement for system-level modifications and global input hooks warrants a suspicious classification.