Ai Editor Online

v1.0.0

edit raw video footage into polished edited clips with this skill. Works with MP4, MOV, AVI, WebM files up to 500MB. content creators and marketers use it fo...

⭐ 0· 24·0 current·0 all-time

by@imo14reifey

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description, endpoints, and required NEMO_TOKEN align with an online AI video editor. However the skill frontmatter mentions a config path (~/.config/nemovideo/) while the registry lists no required config paths, and the skill both declares NEMO_TOKEN as required and describes a flow to auto-obtain an anonymous token—these are inconsistent and could confuse permission expectations. The skill also derives an X-Skill-Platform header from install paths (mentions ~/.clawhub/ and ~/.cursor/), which implies inspecting environment/install paths though the top-level requirements don't declare filesystem access.

✓

Instruction Scope

SKILL.md instructs only interactions consistent with remote video processing: check/set token, create a session, upload files, stream SSE replies, poll status, and start renders. It does not instruct reading unrelated system files or broad exfiltration. It does instruct storing a session_id and generating headers derived from an install path (ambiguous whether this requires filesystem reads). All network calls target a single third‑party domain (mega-api-prod.nemovideo.ai).

✓

Install Mechanism

No install spec or code files are present (instruction-only). This is lower risk because nothing is downloaded or written by an installer from unknown sources.

ℹ

Credentials

Only one credential is declared (NEMO_TOKEN), appropriate for a third‑party API. But the runtime instructions include a full anonymous-token acquisition flow, meaning a user-supplied NEMO_TOKEN is not strictly required—making the declared requirement misleading. The frontmatter's mention of a config path is inconsistent with registry metadata and should be clarified. No other unrelated secrets are requested.

✓

Persistence & Privilege

The skill is not always-enabled and does not request elevated system privileges. It instructs storing a session_id for the service but does not indicate modifying other skills or system-wide settings.

What to consider before installing

This skill appears to do what it says (uploads your videos to a remote service for editing), but review the following before installing: 1) Privacy: all uploaded media will be sent to mega-api-prod.nemovideo.ai — do not upload sensitive or confidential videos unless you trust that service and have reviewed its privacy policy. 2) Token behavior: the skill will check for NEMO_TOKEN but can also request an anonymous token on your behalf (temporary, 7 days). If you supply your own token it may grant longer access—treat it like a password. 3) Inconsistencies: the skill metadata mentions a config path and also declares NEMO_TOKEN required while providing an auto-token flow; ask the publisher to clarify what local files (if any) the skill will read and whether it stores session data on disk. 4) Source trust: the skill has no homepage and an unknown owner; prefer skills backed by a known vendor or audited code for high‑sensitivity use. 5) Mitigations: use anonymous token flow rather than a permanent token if possible, avoid uploading sensitive content, monitor network activity, and revoke any token you provided if you stop using the service.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

✂️ Clawdis

EnvNEMO_TOKEN

Primary envNEMO_TOKEN

latestvk978f4e39n9c4x92ptz2v3hv4s855vbw

24downloads

0stars

1versions

Updated 9h ago

v1.0.0

MIT-0

Getting Started

Send me your raw video footage and I'll handle the AI-powered video editing. Or just describe what you're after.

Try saying:

"edit a 3-minute unedited screen recording into a 1080p MP4"
"cut the pauses, add transitions, and export a clean final video"
"editing videos online without desktop software for content creators and marketers"

First-Time Connection

When a user first opens this skill, connect to the processing backend automatically. Briefly let them know (e.g. "Setting up...").

Authentication: Check if NEMO_TOKEN is set in the environment. If it is, skip to step 2.

Obtain a free token: Generate a random UUID as client identifier. POST to https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token with header X-Client-Id set to that UUID. The response data.token is your NEMO_TOKEN — 100 free credits, valid 7 days.
Create a session: POST to https://mega-api-prod.nemovideo.ai/api/tasks/me/with-session/nemo_agent with Authorization: Bearer <token>, Content-Type: application/json, and body {"task_name":"project","language":"<detected>"}. Store the returned session_id for all subsequent requests.

Keep setup communication brief. Don't display raw API responses or token values to the user.

AI Editor Online — Edit and Export Videos Online

Send me your raw video footage and describe the result you want. The AI-powered video editing runs on remote GPU nodes — nothing to install on your machine.

A quick example: upload a 3-minute unedited screen recording, type "cut the pauses, add transitions, and export a clean final video", and you'll get a 1080p MP4 back in roughly 1-2 minutes. All rendering happens server-side.

Worth noting: shorter clips under 2 minutes process noticeably faster.

Matching Input to Actions

User prompts referencing ai editor online, aspect ratio, text overlays, or audio tracks get routed to the corresponding action via keyword and intent classification.

User says...	Action	Skip SSE?
"export" / "导出" / "download" / "send me the video"	→ §3.5 Export	✅
"credits" / "积分" / "balance" / "余额"	→ §3.3 Credits	✅
"status" / "状态" / "show tracks"	→ §3.4 State	✅
"upload" / "上传" / user sends file	→ §3.2 Upload	✅
Everything else (generate, edit, add BGM…)	→ §3.1 SSE	❌

Cloud Render Pipeline Details

Each export job queues on a cloud GPU node that composites video layers, applies platform-spec compression (H.264, up to 1080x1920), and returns a download URL within 30-90 seconds. The session token carries render job IDs, so closing the tab before completion orphans the job.

Base URL: https://mega-api-prod.nemovideo.ai

Endpoint	Method	Purpose
`/api/tasks/me/with-session/nemo_agent`	POST	Start a new editing session. Body: `{"task_name":"project","language":"<lang>"}`. Returns `session_id`.
`/run_sse`	POST	Send a user message. Body includes `app_name`, `session_id`, `new_message`. Stream response with `Accept: text/event-stream`. Timeout: 15 min.
`/api/upload-video/nemo_agent/me/<sid>`	POST	Upload a file (multipart) or URL.
`/api/credits/balance/simple`	GET	Check remaining credits (`available`, `frozen`, `total`).
`/api/state/nemo_agent/me/<sid>/latest`	GET	Fetch current timeline state (`draft`, `video_infos`, `generated_media`).
`/api/render/proxy/lambda`	POST	Start export. Body: `{"id":"render_<ts>","sessionId":"<sid>","draft":<json>,"output":{"format":"mp4","quality":"high"}}`. Poll status every 30s.

Accepted file types: mp4, mov, avi, webm, mkv, jpg, png, gif, webp, mp3, wav, m4a, aac.

Headers are derived from this file's YAML frontmatter. X-Skill-Source is ai-editor-online, X-Skill-Version comes from the version field, and X-Skill-Platform is detected from the install path (~/.clawhub/ = clawhub, ~/.cursor/skills/ = cursor, otherwise unknown).

All requests must include: Authorization: Bearer <NEMO_TOKEN>, X-Skill-Source, X-Skill-Version, X-Skill-Platform. Missing attribution headers will cause export to fail with 402.

Error Codes

0 — success, continue normally
1001 — token expired or invalid; re-acquire via /api/auth/anonymous-token
1002 — session not found; create a new one
2001 — out of credits; anonymous users get a registration link with ?bind=<id>, registered users top up
4001 — unsupported file type; show accepted formats
4002 — file too large; suggest compressing or trimming
400 — missing X-Client-Id; generate one and retry
402 — free plan export blocked; not a credit issue, subscription tier
429 — rate limited; wait 30s and retry once

Reading the SSE Stream

Text events go straight to the user (after GUI translation). Tool calls stay internal. Heartbeats and empty data: lines mean the backend is still working — show "⏳ Still working..." every 2 minutes.

About 30% of edit operations close the stream without any text. When that happens, poll /api/state to confirm the timeline changed, then tell the user what was updated.

Translating GUI Instructions

The backend responds as if there's a visual interface. Map its instructions to API calls:

"click" or "点击" → execute the action via the relevant endpoint
"open" or "打开" → query session state to get the data
"drag/drop" or "拖拽" → send the edit command through SSE
"preview in timeline" → show a text summary of current tracks
"Export" or "导出" → run the export workflow

Draft JSON uses short keys: t for tracks, tt for track type (0=video, 1=audio, 7=text), sg for segments, d for duration in ms, m for metadata.

Example timeline summary:

Timeline (3 tracks): 1. Video: city timelapse (0-10s) 2. BGM: Lo-fi (0-10s, 35%) 3. Title: "Urban Dreams" (0-3s)

Common Workflows

Quick edit: Upload → "cut the pauses, add transitions, and export a clean final video" → Download MP4. Takes 1-2 minutes for a 30-second clip.

Batch style: Upload multiple files in one session. Process them one by one with different instructions. Each gets its own render.

Iterative: Start with a rough cut, preview the result, then refine. The session keeps your timeline state so you can keep tweaking.

Tips and Tricks

The backend processes faster when you're specific. Instead of "make it look better", try "cut the pauses, add transitions, and export a clean final video" — concrete instructions get better results.

Max file size is 500MB. Stick to MP4, MOV, AVI, WebM for the smoothest experience.

Export as MP4 for widest compatibility.

Comments

Loading comments...