Hailuo Video Generator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is coherently focused on using a MiniMax API key to generate, check, and download videos from MiniMax.
This skill appears purpose-aligned and safe to review as a normal MiniMax video-generation integration. Before installing, make sure you are comfortable giving it access to your MiniMax API key and with any generation costs or quota usage from submitted video jobs.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill may consume MiniMax account quota or incur provider-side costs depending on the user's plan.
The skill requires a MiniMax API key, either from an environment variable or local OpenClaw config, so it can act against the user's MiniMax account.
API Key 从以下优先级获取: 1. 环境变量 `MINIMAX_API_KEY` 2. 配置文件 `~/.openclaw/openclaw.json` 中的 `skills.hailuoVideo.apiKey`
Use a dedicated or revocable MiniMax API key if possible, monitor account usage, and avoid placing the key in shared or insecure config files.
The agent could submit video-generation requests, query their status, and download the resulting video when the user asks it to use the skill.
The skill instructs use of curl to call MiniMax API endpoints with the user's bearer token; these calls are scoped to the stated video-generation workflow.
curl -s "https://api.minimax.chat/v1/video_generation" ... "Authorization: Bearer $MINIMAX_API_KEY"
Confirm the prompt, reference-image URL, and expected provider cost before asking the agent to start a generation task.