Editor List

v1.0.0

Get editor access list ready to post, without touching a single slider. Upload your video clips (MP4, MOV, AVI, WebM, up to 500MB), say something like "show...

⭐ 0· 77·0 current·0 all-time

by@francemichaell-15

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for francemichaell-15/editor-list.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Editor List" (francemichaell-15/editor-list) from ClawHub.
Skill page: https://clawhub.ai/francemichaell-15/editor-list
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: NEMO_TOKEN
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install editor-list

ClawHub CLI

Package manager switcher

npx clawhub@latest install editor-list

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill's name/description (video editor access management and cloud render) aligns with requiring a NEMO_TOKEN and calling a remote render API. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) while the registry metadata said 'Required config paths: none' — this inconsistency about where credentials/session state are stored is unexplained. Also there is no homepage or publisher info to verify the service.

Instruction Scope

The instructions tell the agent to: check for NEMO_TOKEN, auto-generate an anonymous token by POSTing to https://mega-api-prod.nemovideo.ai, create sessions, and upload user video files (multipart) to that API. That means user media and session tokens will be sent to an external service — which is coherent with the stated purpose but is a privacy-sensitive action that the docs do not explicitly surface to end users. The SKILL.md also instructs to 'store the returned session_id for all subsequent requests' but does not specify where or how to persist it, creating ambiguity. It requires special attribution headers derived from install path detection; if the install path is unknown this may cause failures.

✓

Install Mechanism

There is no install spec and no code files; this is instruction-only. That minimizes on-disk install risk.

ℹ

Credentials

The only required environment variable is NEMO_TOKEN (declared as primary), which is appropriate for a remote video service. The skill also supports generating an anonymous token when none is present, which is plausible. The earlier-noted mismatch about configPaths (frontmatter vs registry) leaves unclear where tokens/session state will be written, and the skill will need permission to read attachments and upload them — reasonable for the feature but privacy-sensitive.

✓

Persistence & Privilege

always is false and model invocation is allowed (normal). The skill's instructions imply storing session tokens and job IDs, but they do not request elevated privileges or modifications to other skills or system-wide settings. The persistence behavior is plausible but underspecified.

Scan Findings in Context

[no_findings] expected: Regex scanner had nothing to analyze because the skill is instruction-only (no code files). This absence of findings is not proof of safety — the SKILL.md itself is the primary security surface.

What to consider before installing

This skill will upload whatever video files you provide to an external service at mega-api-prod.nemovideo.ai and will generate or use NEMO_TOKEN credentials (it may create an anonymous token if you don't supply one). Before installing or using it: 1) Consider privacy — your media and project data will leave your device and be processed on cloud GPUs; ask the publisher for a privacy/data-retention policy. 2) Note the skill has no homepage or publisher info in the registry — verify the service identity before trusting it with sensitive content. 3) The SKILL.md has an inconsistent config-path declaration (where it stores tokens/session is unclear) — ask how and where tokens/sessions are persisted and how to revoke them. 4) If you prefer control, set your own NEMO_TOKEN (from an account you trust) rather than allowing the skill to create anonymous credentials. 5) If you need higher assurance, request the skill author/publisher details or prefer a skill with a verifiable homepage and known owner.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

👥 Clawdis

EnvNEMO_TOKEN

Primary envNEMO_TOKEN

latestvk9767k81wgy10sjcpzwc30tv1n85byrw

77downloads

0stars

1versions

Updated 5d ago

v1.0.0

MIT-0

Getting Started

Got video clips to work with? Send it over and tell me what you need — I'll take care of the AI editor management.

Try saying:

"manage a 2-minute project with three collaborator editors assigned into a 1080p MP4"
"show me all editors on this project and their access levels"
"viewing and managing who has editor access to a video project for team leads, content managers, marketers"

First-Time Connection

When a user first opens this skill, connect to the processing backend automatically. Briefly let them know (e.g. "Setting up...").

Authentication: Check if NEMO_TOKEN is set in the environment. If it is, skip to step 2.

Obtain a free token: Generate a random UUID as client identifier. POST to https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token with header X-Client-Id set to that UUID. The response data.token is your NEMO_TOKEN — 100 free credits, valid 7 days.
Create a session: POST to https://mega-api-prod.nemovideo.ai/api/tasks/me/with-session/nemo_agent with Authorization: Bearer <token>, Content-Type: application/json, and body {"task_name":"project","language":"<detected>"}. Store the returned session_id for all subsequent requests.

Keep setup communication brief. Don't display raw API responses or token values to the user.

Editor List — Manage and View Project Editors

Drop your video clips in the chat and tell me what you need. I'll handle the AI editor management on cloud GPUs — you don't need anything installed locally.

Here's a typical use: you send a a 2-minute project with three collaborator editors assigned, ask for show me all editors on this project and their access levels, and about under 10 seconds later you've got a MP4 file ready to download. The whole thing runs at 1080p by default.

One thing worth knowing — removing an editor from the list does not delete their previous changes to the project.

Matching Input to Actions

User prompts referencing editor list, aspect ratio, text overlays, or audio tracks get routed to the corresponding action via keyword and intent classification.

User says...	Action	Skip SSE?
"export" / "导出" / "download" / "send me the video"	→ §3.5 Export	✅
"credits" / "积分" / "balance" / "余额"	→ §3.3 Credits	✅
"status" / "状态" / "show tracks"	→ §3.4 State	✅
"upload" / "上传" / user sends file	→ §3.2 Upload	✅
Everything else (generate, edit, add BGM…)	→ §3.1 SSE	❌

Cloud Render Pipeline Details

Each export job queues on a cloud GPU node that composites video layers, applies platform-spec compression (H.264, up to 1080x1920), and returns a download URL within 30-90 seconds. The session token carries render job IDs, so closing the tab before completion orphans the job.

Base URL: https://mega-api-prod.nemovideo.ai

Endpoint	Method	Purpose
`/api/tasks/me/with-session/nemo_agent`	POST	Start a new editing session. Body: `{"task_name":"project","language":"<lang>"}`. Returns `session_id`.
`/run_sse`	POST	Send a user message. Body includes `app_name`, `session_id`, `new_message`. Stream response with `Accept: text/event-stream`. Timeout: 15 min.
`/api/upload-video/nemo_agent/me/<sid>`	POST	Upload a file (multipart) or URL.
`/api/credits/balance/simple`	GET	Check remaining credits (`available`, `frozen`, `total`).
`/api/state/nemo_agent/me/<sid>/latest`	GET	Fetch current timeline state (`draft`, `video_infos`, `generated_media`).
`/api/render/proxy/lambda`	POST	Start export. Body: `{"id":"render_<ts>","sessionId":"<sid>","draft":<json>,"output":{"format":"mp4","quality":"high"}}`. Poll status every 30s.

Accepted file types: mp4, mov, avi, webm, mkv, jpg, png, gif, webp, mp3, wav, m4a, aac.

Headers are derived from this file's YAML frontmatter. X-Skill-Source is editor-list, X-Skill-Version comes from the version field, and X-Skill-Platform is detected from the install path (~/.clawhub/ = clawhub, ~/.cursor/skills/ = cursor, otherwise unknown).

All requests must include: Authorization: Bearer <NEMO_TOKEN>, X-Skill-Source, X-Skill-Version, X-Skill-Platform. Missing attribution headers will cause export to fail with 402.

Error Handling

Code	Meaning	Action
0	Success	Continue
1001	Bad/expired token	Re-auth via anonymous-token (tokens expire after 7 days)
1002	Session not found	New session §3.0
2001	No credits	Anonymous: show registration URL with `?bind=<id>` (get `<id>` from create-session or state response when needed). Registered: "Top up credits in your account"
4001	Unsupported file	Show supported formats
4002	File too large	Suggest compress/trim
400	Missing X-Client-Id	Generate Client-Id and retry (see §1)
402	Free plan export blocked	Subscription tier issue, NOT credits. "Register or upgrade your plan to unlock export."
429	Rate limit (1 token/client/7 days)	Retry in 30s once

SSE Event Handling

Event	Action
Text response	Apply GUI translation (§4), present to user
Tool call/result	Process internally, don't forward
`heartbeat` / empty `data:`	Keep waiting. Every 2 min: "⏳ Still working..."
Stream closes	Process final response

~30% of editing operations return no text in the SSE stream. When this happens: poll session state to verify the edit was applied, then summarize changes to the user.

Translating GUI Instructions

The backend responds as if there's a visual interface. Map its instructions to API calls:

"click" or "点击" → execute the action via the relevant endpoint
"open" or "打开" → query session state to get the data
"drag/drop" or "拖拽" → send the edit command through SSE
"preview in timeline" → show a text summary of current tracks
"Export" or "导出" → run the export workflow

Draft JSON uses short keys: t for tracks, tt for track type (0=video, 1=audio, 7=text), sg for segments, d for duration in ms, m for metadata.

Example timeline summary:

Timeline (3 tracks): 1. Video: city timelapse (0-10s) 2. BGM: Lo-fi (0-10s, 35%) 3. Title: "Urban Dreams" (0-3s)

Common Workflows

Quick edit: Upload → "show me all editors on this project and their access levels" → Download MP4. Takes under 10 seconds for a 30-second clip.

Batch style: Upload multiple files in one session. Process them one by one with different instructions. Each gets its own render.

Iterative: Start with a rough cut, preview the result, then refine. The session keeps your timeline state so you can keep tweaking.

Tips and Tricks

The backend processes faster when you're specific. Instead of "make it look better", try "show me all editors on this project and their access levels" — concrete instructions get better results.

Max file size is 500MB. Stick to MP4, MOV, AVI, WebM for the smoothest experience.

Export as MP4 for widest compatibility.

Comments

Loading comments...