Fully Automated ASIN Marketing Video Pipeline

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If broad or long-lived credentials are used, the automation could affect more data or quota than intended.

Why it was flagged

The workflow requires delegated access to Topview, Apify, and Google Sheets. This is expected for the pipeline, but those credentials can consume service quota and access the configured spreadsheet.

Skill content

Topview AI API Key; Apify API Key; Google Cloud project + Service Account

Recommendation

Use least-privilege credentials, share only the target spreadsheet with the service account, and keep/revoke API keys according to your normal credential policy.

What this means

Incorrect configuration or test data could overwrite or populate the wrong sheet rows.

Why it was flagged

The workflow can update the configured Google Sheet after video generation. This mutation is purpose-aligned, but it affects user-managed data.

Skill content

"operation": "update", "documentId": "={{ $env.GOOGLE_SHEETS_ID }}", "sheetName": "ASIN列表", "range": "A:F", "dataMode": "autoMapInputData"

Recommendation

Test on a copy of the spreadsheet first, confirm row mapping, and keep the manual approval/export step until the workflow is verified.

What this means

Product identifiers, generated content, and related business workflow data may be processed by third-party services.

Why it was flagged

ASINs and product/video inputs flow between Google Sheets, Apify, and Topview AI. These provider calls are disclosed and central to the stated purpose.

Skill content

Read the ASIN list from Google Sheets, skipping rows that already have a video ... scrape Amazon product details via Apify ... upload images to Topview AI

Recommendation

Only place data in the sheet that you are comfortable sending to those providers, and review each provider's retention and privacy settings.

What this means

Future upstream image/package changes could affect the workflow environment.

Why it was flagged

The setup guide uses an external Docker image without a pinned version. This is a normal n8n setup path, but version/provenance pinning is not specified.

Skill content

docker run -it --rm ... -v ~/.n8n:/home/node/.n8n ... n8nio/n8n

Recommendation

Pin known-good n8n image or package versions and install from trusted registries.

Note

High Confidence
ASI10: Rogue Agents
What this means

If scheduling is enabled, the workflow may repeatedly process rows, call paid APIs, and update Sheets without a fresh manual click each time.

Why it was flagged

The guide describes optional recurring execution. This is disclosed and user-controlled, but it can keep the automation running beyond a one-time task.

Skill content

Enable scheduled execution ... change the trigger from Manual Trigger to Schedule Trigger ... 0 * * * *

Recommendation

Enable scheduling only after testing, set clear filters/limits, and monitor API usage and sheet updates.