Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ai Video Pro
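v0.2.0
Cinematic shot-language decoder. Usable with zero dependencies: decodes creative descriptions into film-grade prompts, systematically modeling impact feel, gradual facial-expression changes, and mecha motion as a five-dimensional shot language. Optionally configure an API key to generate video directly (LumaAI/Runway/Replicate/ComfyUI). Prompt optimization itself requires no external services.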
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to be primarily a 'prompt optimization' tool with optional generation. That matches included files (prompt_engine.py, prompt templates). However the registry metadata (requires.env: [] / primaryEnv: LUMAAI_API_KEY) understates the number of optional credentials and integrations present in code: credential_manager.py, env_detect.py, provider_manager.py and platform configs reference many other env vars (RUNWAY_API_KEY, REPLICATE_API_TOKEN, OPENAI_API_KEY, DOUYIN_ACCESS_TOKEN, XHS_COOKIE, cloud provider keys, etc.). The presence of publish.py and platform config files shows full publish/upload capability (including cookie-based publishing for XHS), which is coherent with README but broadens the skill's scope beyond pure local prompt optimization.
Instruction Scope
SKILL.md describes a safe 'prompt-only' default mode and an optional 'generation' mode requiring API keys or GPU. The runtime instructions call scripts (env_detect.py, provider_manager.py, preview_server.py). env_detect probes local hardware, installed tools, disk and network (it performs network checks). credential_manager reads environment variables for many providers. The SKILL.md asserts '提示词模式不访问任何外部服务' ("prompt mode does not access any external services") — that appears true if you only use prompt-mode, but the shipped scripts will access external services if you run generation/publish flows. The agent instructions and code give the agent the capability to (with explicit user action) run commands that access network and system state.
Install Mechanism
There is no automatic install spec in registry (instruction-only), but the repository contains install_deps.py which, when executed, runs system package managers (winget/brew/apt), pip installs, and can clone ComfyUI from GitHub. These operations are standard for enabling local generation but are system-level and will write to disk and install third-party code. The ComfyUI clone source is a public GitHub repository (comfyanonymous/ComfyUI), not an arbitrary URL shortener or IP, which reduces risk but still requires user review and consent before running.
Credentials
The skill declares LUMAAI_API_KEY as primaryEnv but code expects and documents many optional credentials (LUMAAI_API_KEY, RUNWAY_API_KEY, REPLICATE_API_TOKEN, OPENAI_API_KEY, KLING_API_KEY, WEIBO_ACCESS_TOKEN, XHS_COOKIE, DOUYIN_ACCESS_TOKEN, plus cloud keys for Aliyun/Tencent/AWS). None are required for prompt-mode, but the presence of cloud storage and platform upload keys (AWS/ALIYUN/TENCENT) is broad relative to the core purpose (prompt optimization). The metadata's empty requires.env is therefore incomplete. The code claims not to persist or print secrets (credential_manager enforces in-code guidance), but giving cloud/platform credentials enables upload/publish features and increases blast radius if misused.
Persistence & Privilege
The skill is not always-enabled, does not request permanent platform-wide privileges, and the code states it will not persist credentials to disk. The preview server binds only to localhost. There is no manifest 'always: true' and no evidence the skill autonomously modifies other skills. However some scripts (install_deps.py, install_comfyui) create files on disk and clone projects if you run them — this is expected install behavior but should be consciously executed by the user.
What to consider before installing
What to consider before installing/using this skill:
- Functionality & scope: The prompt-optimization feature is local and usable without credentials; generation/publishing features require optional API keys and cloud/platform credentials. Only provide keys you actually need (e.g., LUMAAI_API_KEY only if you plan to call LumaAI).
- Metadata mismatch: The skill's registry metadata lists no required env vars, but the code references many optional credentials. Treat those optional creds as sensitive — don't set them globally unless you intend to use generation/publishing.
- Inspect before running: Review provider_manager.py and publish.py (not fully shown in the manifest) to confirm where and how credentials are used and whether any unexpected endpoints appear.
- Be cautious with install_deps.py: it runs package managers, pip installs and can clone ComfyUI from GitHub. Only run it in an environment you control (VM, container, or isolated machine). Prefer manual dependency installation so you understand what changes are made.
- Publishing risks: Xiaohongshu support warns that cookie-based automation may violate TOS. Avoid supplying XHS_COOKIE unless you understand and accept that risk.
- Minimize credential exposure: Use per-skill, least-privilege API keys if possible. Do not paste long-lived cloud credentials in environments used for unrelated tasks.
- Run harmless checks first: Use prompt-only flows and the provided env_detect.py (it only detects presence/absence and probes hardware/network) to understand behavior. Do not run generation/publish steps until you’re comfortable.
- If unsure: run the skill in an isolated VM/container, or ask someone with system-admin experience to review the code paths you plan to use.
If you want, I can: (a) list the exact env vars the code reads, (b) scan provider_manager.py and publish.py for network endpoints and calls, or (c) produce a short checklist of commands to safely try prompt-only mode without installing dependencies.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Primary env: LUMAAI_API_KEY
