← 返回 Skills 市场
628
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install video-download-archive
功能描述
Validate single video URLs, download highest-quality files with yt-dlp, and archive results into a Feishu Bitable using platform tools.
安全使用建议
This skill appears to do what it claims (download with yt-dlp and record metadata), but there are several mismatches you should resolve before installing or running it: (1) The script requires external binaries (yt-dlp, ffprobe) and an external helper script at a hardcoded path (/home/jianhao/.../ytfetch.sh) that are not declared — verify that helper and binaries and inspect their contents before use. (2) A Feishu app token and table ID are hardcoded into the Python file: confirm whether that token is intended to be public, rotate it if it's yours, or remove it and supply credentials via platform-provided secure variables. (3) The script prints the token/table id in its JSON output — ensure the platform will not leak that output to third parties. (4) Test the skill in a sandboxed environment, request the author to document required runtime dependencies and the purpose/ownership of the embedded token, and ask for the ytfetch.sh source or a version included in the package. Resolving these items (especially verifying the ytfetch helper and the hardcoded token) would reduce risk and could change the assessment.
功能分析
Type: OpenClaw Skill
Name: video-download-archive
Version: 1.0.0
The skill bundle contains a Python script (scripts/run_video_archive.py) that executes an external shell script using a hardcoded absolute path tied to a specific user's home directory (/home/jianhao/.openclaw/workspace/scripts/ytfetch.sh). This script is not included in the bundle, making its behavior opaque and creating a dependency on the local environment. Additionally, the script contains a hardcoded Feishu Bitable API token (BITABLE_APP_TOKEN), which is a poor security practice. While the logic appears aligned with the stated goal of video archiving, the execution of external, unverified shell scripts via absolute paths is a significant security risk.
能力评估
Purpose & Capability
The skill claims to validate/ download a single video and archive metadata to a Feishu Bitable, which fits the included code. However the package metadata declares no required binaries or credentials while the script clearly calls yt-dlp, ffprobe and an external helper (YTFETCH = /home/jianhao/.openclaw/workspace/scripts/ytfetch.sh). The omission of these runtime requirements is incoherent and likely to cause unexpected behavior.
Instruction Scope
SKILL.md instructs the agent to run scripts/run_video_archive.py and to use the platform's feishu_bitable_app_table_record to write records (not the script). The Python script, however, executes an external script at an absolute path (ytfetch.sh), calls yt-dlp and ffprobe, and prints out a bitable token/table id in its JSON output. These implementation details (external script execution, reliance on local files, and emitting credentials) are not documented in the SKILL.md and enlarge the runtime scope beyond the stated instructions.
Install Mechanism
There is no install spec (instruction-only plus included code), which keeps install risk low. However the code expects external binaries and a helper script to be present on the host filesystem; because these are not provided by the package, the runtime behavior depends on the agent environment and could fail or execute unexpected local scripts.
Credentials
The Python file hardcodes BITABLE_APP_TOKEN and BITABLE_TABLE_ID constants (credentials/IDs) instead of declaring them as required env vars or relying solely on the platform's feishu tool. The skill metadata declares no credentials; embedding an app token in code is a red flag (possible secret leakage or misuse). It also accesses user-local paths (~/Downloads and an absolute home/workspace path) which grants it filesystem visibility beyond a minimal need.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) and is not by itself a problem. The skill does read/write local files in ~/Downloads, which is consistent with its stated purpose but should be expected when granting it runtime.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install video-download-archive - 安装完成后,直接呼叫该 Skill 的名称或使用
/video-download-archive触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of 视频下载归档助手.
- Validates and downloads individual video links (not playlists or multiple links).
- Archives highest-quality video downloads using yt-dlp, following strict file and metadata rules.
- Supports results archival into Feishu Bitable via platform tools.
- Prevents redundant downloads by checking for existing files and completing or updating records as needed.
- Includes specific error-handling and user consultation rules for Feishu table field issues.
元数据
常见问题
Video Download Archive 是什么?
Validate single video URLs, download highest-quality files with yt-dlp, and archive results into a Feishu Bitable using platform tools. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 628 次。
如何安装 Video Download Archive?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install video-download-archive」即可一键安装,无需额外配置。
Video Download Archive 是免费的吗?
是的,Video Download Archive 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Video Download Archive 支持哪些平台?
Video Download Archive 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Video Download Archive?
由 feiernk(@feiernk)开发并维护,当前版本 v1.0.0。
推荐 Skills