ClawHub

Volcengine Ai Video Generation

v1.0.0

AI video generation workflow on Volcengine. Use when users need text-to-video, image-to-video, generation parameter tuning, or async task troubleshooting for video jobs.

0· 1.6k·7 current·8 all-time
by@cinience
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's purpose is to submit and poll Volcengine video generation tasks, which necessarily requires an API endpoint and credentials (API key/secret). The package declares no required environment variables, no primary credential, and no config paths. That omission is incoherent with the stated functionality.
!
Instruction Scope
SKILL.md is high-level: it instructs the agent to 'Submit task and poll status' and to return URLs/metadata but gives no specific API endpoints, header formats, env var names, client libraries, or examples. The instructions are vague and grant the agent broad discretion (e.g., to choose how/where to authenticate or which files to read), which risks the agent searching for credentials or config outside the skill's scope.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to write to disk, which is the lowest-risk install mechanism.
!
Credentials
No environment variables or credentials are declared, yet the described functionality requires access to Volcengine credentials (API key/secret) and possibly network endpoints. The absence of declared env vars is disproportionate and unexplained.
Persistence & Privilege
always:false and no install steps or config writes are requested. The skill does not request persistent or elevated platform privileges in its metadata.
What to consider before installing
This skill is incomplete as provided: it describes submitting and polling Volcengine video jobs but does not declare what credentials or endpoints it will use. Before installing, ask the publisher for explicit details: the exact Volcengine API endpoints, required environment variable names (e.g., VOLCENGINE_API_KEY), the minimal permissions the key needs, and example requests. Avoid allowing the agent to run autonomously with broad access until those details are provided. If you must test it, run it in a restricted environment (no production credentials), disable autonomous invocation if possible, and verify the skill will not attempt to read unrelated files or environment variables. Finally, prefer skills that publish their source or a reputable homepage so you can verify how authentication and network calls are handled.

Like a lobster shell, security has layers — review code before you run it.

latestvk976m4pd0yvvqfyhczevxv099x80zqy0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments