A skill that automates repurposing Chinese social videos (Douyin/Bilibili/Xiaohongshu) to international platforms (TikTok/YouTube/Instagram) via the Lumi API — handling translation, AI dubbing, and publishing in one workflow.
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only Lumi API skill is coherent and disclosed, but it can use your Lumi key to publish selected videos to connected social accounts, including auto-publishing after repurposing.
Install only if you intend to let Lumi manage and publish social videos for you. Double-check account selection, visibility, captions, and content rights before using auto-publish, and choose localization-only mode if you want to review the processed video before posting.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A translated or dubbed video may be posted to selected TikTok, YouTube, or Instagram accounts without a final review of the processed output.
The skill can start a workflow that automatically publishes processed content after completion. This is disclosed and aligned with the social-posting purpose, but it is a high-impact action.
“autoPublish 默认启用”:搬运场景中,只要用户指定了发布平台,必须始终设置 `autoPublish` 字段,无需额外询问用户是否自动发布。
Before using repurpose mode, confirm the exact platform, connected account, caption/title, visibility, and whether you want automatic publishing; use the localization-only workflow if you need to review the output first.
Anyone with access to the configured Lumi API key may be able to view connected social accounts and publish through Lumi according to that key’s permissions.
The Lumi API key is the credential used for all API calls, including connected-account lookup and publishing operations.
**Auth**: `Authorization: Bearer $LUMI_API_KEY`
Use a dedicated Lumi key, keep it out of logs and shared shells, rotate it if exposed, and verify connected accounts before approving posts.
Content and account-routing metadata needed for processing and publishing will be shared with Lumi.
The skill sends selected video URLs, captions, localization settings, account connection IDs, and the Bearer token to the Lumi provider API. The destination is clearly disclosed and purpose-aligned.
Allowed to make network requests to: https://lumipath.cn
Only use this skill with videos, captions, and account connections you are comfortable sending to Lumi and potentially publishing.