Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Video Producer
v2.2.1
One-click short-video generation skill v2.2. Calls video-director for shot planning, then generates AI assets, TTS voiceover and video rendering, and outputs a complete MP4.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name/description (video generation using a video-director helper, AI images, TTS, Remotion render) matches the included scripts: produce.js, image_gen.js, and test output. However the implementation expects external helper scripts (../../video-director/scripts/plan.js and ../../minimax-tts-cn/scripts/tts.py) and uses external image/tts APIs — these dependencies are not declared in the registry metadata or SKILL.md metadata (no required env vars or config paths listed). That mismatch (undeclared but required helpers/keys) is unexpected.
Instruction Scope
The SKILL.md describes calling video-director and producing assets, which is consistent, but the runtime scripts do more: they call external processes (node and python) via execSync, write files outside the skill folder in multiple locations, and may require the presence of sibling skill code. The instructions do not document the hard-coded API keys, the expected external script locations, or the fact that the agent will execute other scripts. The generateTTS command construction uses shell invocation with only double-quote escaping, exposing a potential shell-injection risk if input is not strictly sanitized.
Install Mechanism
There is no install spec (instruction-only), so nothing is automatically downloaded. However there are shipped JS scripts that will be executed. That reduces installation risk, but running these scripts still executes network requests and subprocesses. No external archive downloads were observed in the provided files.
Credentials
The skill metadata declares no required env vars or primary credential, but the code reads and falls back to API keys (process.env.MINIMAX_API_KEY, process.env.MINIMAX_IMAGE_API_KEY) and contains default hard-coded API key strings embedded in the source. Hard-coded keys in code are a sensitive mismatch with the declared 'none' credential fields. The scripts also expect local sibling projects (video-director, minimax-tts) which increases the attack surface and privileges needed at runtime.
Persistence & Privilege
The skill is not always-enabled (always: false), so it won't be force-included. It does, however, execute subprocesses (execSync), require() other scripts by path, and includes a helper (produce_fix.js) that modifies produce.js on disk (self-modifying code). Those behaviors are not necessarily malicious, but they increase risk and mean the skill will perform file writes and arbitrary code execution when run.
What to consider before installing
Do not run this skill as-is on a sensitive system. Specific concerns:
1. The code contains hard-coded API keys. Treat them as leaked secrets; if you or others have used those keys, rotate them immediately.
2. The skill's metadata does not declare the API keys and helper scripts it actually uses (MINIMAX_API_KEY, MINIMAX_IMAGE_API_KEY and the external video-director / minimax-tts scripts). Ask the author to remove hard-coded credentials and declare required env vars and dependencies.
3. The scripts invoke external node/python helpers with execSync and build shell commands from user text. This can allow shell injection if inputs are not sanitized. Avoid passing untrusted text; prefer child_process.spawn with explicit args or a sanitized interface.
4. The skill requires or executes sibling scripts (../../video-director, ../../minimax-tts-cn). Verify those scripts' source before allowing execution, because they run with the same agent privileges.
5. produce_fix.js can rewrite produce.js. Treat self-modifying behavior cautiously and review its use case.
Recommended actions before installing: run in an isolated sandbox, audit and remove hard-coded keys, require explicit env vars in metadata, review all external endpoints (api.minimaxi.com and any video-director/tts code), and test with non-sensitive sample data. If you cannot verify the external helper scripts and keys, mark the skill untrusted.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/produce.js:99: Shell command execution detected (child_process).