Ai Video Pro
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is mostly aligned with AI video prompting and generation, but it also includes under-declared publishing, cookie/session, cloud credential, and installer capabilities that users should review carefully before enabling.
Use prompt-only mode if you only need prompt optimization. Before enabling generation or publishing, review every environment variable, avoid providing social-account cookies unless necessary, and require explicit confirmation before any upload, API generation charge, dependency install, or public post.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured, the skill may gain access to social accounts or cloud storage, not just video-generation APIs.
The code supports social-platform account tokens, a cookie/session credential, and cloud storage secrets, while the registry declares no environment variables and only a single primary credential, LUMAAI_API_KEY. These credentials are broader and more sensitive than the core video prompt/generation purpose.
"weibo": "WEIBO_ACCESS_TOKEN", "xiaohongshu": "XHS_COOKIE", "douyin": "DOUYIN_ACCESS_TOKEN" ... "aliyun_oss": ["ALIYUN_ACCESS_KEY_ID", "ALIYUN_ACCESS_KEY_SECRET", "ALIYUN_OSS_BUCKET"]
Install only if you intend to use these integrations; declare and scope every required credential, prefer OAuth tokens over cookies, and use least-privilege accounts.
A mistaken or over-broad invocation could post content publicly or act through a connected social account.
Publishing to public social platforms is a high-impact mutation of user accounts. SKILL.md says publishing needs explicit authorization, but the registry metadata and capability signals do not declare this public posting capability or its safeguards.
Supports one-click publishing to major Chinese social platforms ... one-click adaptation and publishing to: Weibo / Xiaohongshu / Douyin
Require a clear user confirmation immediately before every upload/publish action, preview the exact platform/account/caption/media, and document rollback or deletion steps.
Providing a session cookie can expose broad account access and may violate platform terms.
The skill contemplates using a raw session cookie for simulated publishing to a service without an official API. The artifact does warn about TOS risk, but cookie-based account access is high-impact and is not declared in the registry credential requirements.
"auth_type": "cookie", "env_var": "XHS_COOKIE", "warning": "小红书无官方开放 API,使用 Cookie 模拟发布存在 TOS 违规风险。"
Avoid cookie-based automation unless the user explicitly accepts the risk; prefer manual upload or official OAuth/API methods.
Running the installer can change the local system and fetch unpinned external code.
The included installer can make system-level package changes and clone external code. Its header says all installation operations require user confirmation, but the visible --backend flow proceeds directly to install_for_backend without showing an interactive confirmation prompt.
subprocess.run(["sudo", "apt-get", "install", "-y", "ffmpeg"], check=True, timeout=300) ... ["git", "clone", "https://github.com/comfyanonymous/ComfyUI.git", str(target_path)]
Add an explicit confirmation prompt, pin external dependencies or revisions, document exactly what will be installed, and avoid sudo/package-manager actions unless clearly requested by the user.
Users have limited provenance assurance for the code they are installing or comparing against.
The README references a GitHub source, but the registry source is listed as unknown and there is no install spec or pinned provenance in the supplied metadata.
git clone https://github.com/AAAlenwow/ai-video-pro.git
Publish a verified homepage/source URL, signed releases, and pinned dependency versions.
