Future Video Render
PassAudited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill Name: future-video-render Version: 1.0.1 The skill bundle provides a legitimate interface for the Future Video Studio video rendering service. The included Python script (scripts/future_video_render.py) uses only standard libraries to handle API requests and includes security features such as host validation to prevent API key leakage to unauthorized domains. The instructions in SKILL.md explicitly direct the AI agent to seek user approval before performing actions that consume account credits, demonstrating a focus on safety and transparency.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured, the API key can let the agent submit renders that consume the user's Future Video Studio wallet credits.
The skill can use an account API key tied to wallet spending. This is expected for the service and the instructions require approval, but the credential has financial authority.
Account mode: send `X-FVS-Agent-Key` or configure `FVS_AGENT_API_KEY`; renders charge the owning Future Video Studio account wallet and require explicit user approval before submission.
Only configure the API key for trusted use, review each render summary and cost/budget before approval, and revoke or rotate the key if it is no longer needed.
The agent may create paid render workflows, ask for Link payment approval, poll status, cancel jobs, and retrieve generated video URLs.
The skill exposes tools that can submit billable render jobs or create payment quotes. The workflow is purpose-aligned and includes an approval requirement, but it is still a high-impact tool capability.
use `fvs_submit_render` for account/API-key mode only after explicit user approval to spend wallet credits - use `fvs_create_paid_render_quote` for no-account pay-per-render mode
Before approving, check the render request, duration, resolution, quoted amount or budget cap, and ensure the payment URL belongs to Future Video Studio.
Brand assets, PDFs, images, audio, or other reference files may be uploaded to Future Video Studio for processing.
The workflow supports attaching local or public assets to the render request. This is normal for video generation, but users should intentionally choose which files are sent to the provider.
For assets: remote MCP clients should prefer public HTTPS `upload_urls` - local `upload_files` only work when the MCP server runs on the same machine as the agent
Attach only files intended for the render, avoid sensitive unrelated documents, and prefer scoped public asset URLs when using a remote MCP client.