← 返回 Skills 市场
Youtube Podcast summarizer via Elevenlabs
作者
Franciscoandsam
· GitHub ↗
· v1.0.0
1884
总下载
1
收藏
4
当前安装
1
版本数
在 OpenClaw 中安装
/install youtube-voice-summarizer-elevenlabs
功能描述
Transform YouTube videos into podcast-style voice summaries using ElevenLabs TTS
安全使用建议
Before installing or running this skill: (1) Verify the GitHub repository contents yourself — review server code (especially network calls, logging, and any code that reads files or environment variables) before running npm start. (2) Only provision API keys with least privilege and, if possible, use expendable/limited keys for testing. (3) Run the backend in an isolated environment (container, VM, or restricted user) and bind it to localhost unless you intentionally want a public endpoint; avoid setting BASE_URL to a public address until you’ve audited the code. (4) Confirm where and how API keys are stored (.env files can be readable by other processes); consider using runtime secrets managers or environment injection. (5) Resolve the registry inconsistency (the registry metadata omitted required_env) — if the platform will not surface the required credentials to the skill, it may fail or behave unexpectedly. (6) If you’re not comfortable auditing the repo yourself, treat this package as untrusted code and do not run it on production systems or with high‑value credentials.
功能分析
Type: OpenClaw Skill
Name: youtube-voice-summarizer-elevenlabs
Version: 1.0.0
The skill is classified as benign. It clearly defines its purpose to summarize YouTube videos using a local backend service. The `SKILL.md` instructs the AI agent to make `curl` requests to `http://127.0.0.1:3050` for starting jobs, polling status, and getting summaries. These network calls are to a local loopback address and are explicitly for the skill's stated functionality, without any evidence of malicious intent such as data exfiltration, unauthorized execution, persistence, or prompt injection attempts against the agent. The reliance on a separate, user-deployed backend service is transparently documented.
能力评估
Purpose & Capability
The services the skill requires (Supadata for transcripts, OpenRouter for summarization, ElevenLabs for TTS) align with the described functionality. However, the registry-level metadata at the top of the package listing claims no required environment variables or credentials while the included skill.json and SKILL.md explicitly require ELEVENLABS_API_KEY, SUPADATA_API_KEY, and OPENROUTER_API_KEY — an internal inconsistency that should be resolved before trusting the package.
Instruction Scope
The SKILL.md instructs the operator to clone and run a backend (npm install; npm start) and to place API keys into a .env file. The runtime steps only call a local API (http://127.0.0.1:3050) which is consistent with a separate backend, but running arbitrary code from the referenced GitHub repo executes unvetted server code that could read or transmit secrets or other local data. The skill also suggests making BASE_URL publicly accessible, which increases exposure risk if the backend is misconfigured. There are no instructions that overtly read unrelated system files, but the requirement to run third-party server code broadens the attack surface.
Install Mechanism
There is no platform install spec; instead SKILL.md tells users to git clone https://github.com/Franciscomoney/elevenlabs-moltbot, npm install, and run the server. Downloading and executing code from a GitHub repo is a common pattern but carries execution risk: the repo may contain malicious or buggy code, post-startup network calls, or accidental exfiltration. The homepage is a GitHub repo (not an opaque personal server), which is better than an untrusted binary URL, but you still need to review the repository before running it.
Credentials
The environment variables required by the service (ElevenLabs, Supadata, OpenRouter API keys) are proportionate to the stated purpose. That said, the top-level registry metadata omitted these required_env entries (another inconsistency). Also, placing keys into a .env file for a server you run locally is convenient but risky if the server or environment is accessible externally — the instructions explicitly mention making BASE_URL public, which could expose API keys or outputs if the backend leaks them.
Persistence & Privilege
The skill does not request always: true and does not ask to modify other skills or system-wide settings. It includes autoTrigger patterns for YouTube links (expected for this kind of skill). Autonomous invocation is allowed by default (disable-model-invocation is false), which is normal; combined with the need to run an external server, this increases blast radius if the backend or keys are compromised, but the skill itself does not request elevated platform privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install youtube-voice-summarizer-elevenlabs - 安装完成后,直接呼叫该 Skill 的名称或使用
/youtube-voice-summarizer-elevenlabs触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
First version
元数据
常见问题
Youtube Podcast summarizer via Elevenlabs 是什么?
Transform YouTube videos into podcast-style voice summaries using ElevenLabs TTS. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1884 次。
如何安装 Youtube Podcast summarizer via Elevenlabs?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install youtube-voice-summarizer-elevenlabs」即可一键安装,无需额外配置。
Youtube Podcast summarizer via Elevenlabs 是免费的吗?
是的,Youtube Podcast summarizer via Elevenlabs 完全免费(开源免费),可自由下载、安装和使用。
Youtube Podcast summarizer via Elevenlabs 支持哪些平台?
Youtube Podcast summarizer via Elevenlabs 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Youtube Podcast summarizer via Elevenlabs?
由 Franciscoandsam(@franciscoandsam)开发并维护,当前版本 v1.0.0。
推荐 Skills