ClawHub

neodomain-ai

v1.0.0

Generate images and videos via Neodomain AI API. Supports text-to-image, image-to-video, text-to-video, and motion control video generation. Use when user wa...

0· 212·0 current·0 all-time
by@bandwhite
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description align with the code and SKILL.md: scripts call Neodomain endpoints (story.neodomain.cn) to generate images/videos and perform authentication. Requiring python3 and NEODOMAIN_ACCESS_TOKEN is appropriate for this purpose.
Instruction Scope
Runtime instructions and scripts stay within the generation workflow, but several scripts (e.g., batch_video.py) upload user files to the provider's OSS (wlpaas.oss-cn-shanghai.aliyuncs.com) via temporary STS credentials. The SKILL.md mentions authentication but does not explicitly warn that user images/storyboards will be uploaded to the provider's OSS; the login flow requires the user to provide a phone/email and verification code (expected for token issuance).
Install Mechanism
This is instruction-only (no platform install spec), which reduces install risk. However, some scripts import third-party Python packages (notably oss2 in batch_video.py) but the SKILL.md / INSTALL.md do not declare or automate these Python dependency installs—users will need to pip-install dependencies manually. There are no external archive downloads or short/unknown URLs used for installing code.
Credentials
Only NEODOMAIN_ACCESS_TOKEN is required and is the primary credential; that is proportional to the stated functionality. The login script collects a contact (phone/email) and verification code from the user to obtain the token, which is consistent with the service's auth flow.
Persistence & Privilege
The skill is not forced-always or privileged; it doesn't request persistent platform privileges or modify other skills. Autonomous invocation is allowed by default (normal for skills) but not excessive here.
Assessment
This package appears to be a straightforward client for the Neodomain service, but check the following before installing or running it: - Understand that images/videos and storyboard files you provide may be uploaded to the provider's OSS (wlpaas.oss-cn-shanghai.aliyuncs.com) via temporary STS credentials—do not send sensitive/private images if you don't trust the service. - You will need to provide NEODOMAIN_ACCESS_TOKEN (or run the login flow which asks for your phone/email and verification code). Keep that token secret and avoid committing it to files or shared shells. - The scripts import a third-party Python library (oss2) but the README does not automatically install Python deps—install required packages (e.g., pip install oss2) in a controlled virtualenv before running. - Review network endpoints (story.neodomain.cn and wlpaas.oss-cn-shanghai.aliyuncs.com) to ensure they are acceptable for your data/privacy policies. If you want higher assurance, ask the maintainer for a full dependency list (requirements.txt) and an explicit statement that user data is only uploaded to the Neodomain service for generation purposes.

Like a lobster shell, security has layers — review code before you run it.

latestvk9777e6xxp7rty66ef2fm70zx582p1z0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎨 Clawdis
Binspython3
EnvNEODOMAIN_ACCESS_TOKEN
Primary envNEODOMAIN_ACCESS_TOKEN

Comments