短剧爆款预演器
ReviewAudited by ClawScan on May 13, 2026.
Overview
The skill’s AI script-analysis purpose is coherent, but it automatically uses local OpenClaw model configuration/credentials and has packaging/provenance inconsistencies, so it needs user review before installation.
Review this skill before installing. It appears intended for legitimate AI-powered short-drama analysis, but you should be comfortable with it reading your OpenClaw model configuration and sending script content to the configured provider. Use a limited OpenClaw/API profile if possible, avoid confidential scripts until you verify the data path, and check the bundled files because the documentation does not match the manifest exactly.
Publisher note
This skill reads the local OpenClaw configuration file (~/.openclaw/openclaw.json) to authenticate API requests for AI-powered script analysis. No user data is collected or transmitted beyond the analysis request. The configuration file is read locally only and is not modified or shared.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may use the user’s configured AI account, API quota, or workspace authority when analyzing scripts.
The skill explicitly says it automatically reads local OpenClaw configuration and uses the current model. That is purpose-aligned, but local model/account configuration can contain sensitive credentials or billing authority, and the artifacts do not clearly bound which credentials are used, what provider receives data, or how approval is controlled.
自动读取配置:自动读取~/.openclaw/openclaw.json ... 使用OpenClaw当前模型 ... 用户无需关心模型配置
Install only if you are comfortable letting this bundled tool use your OpenClaw model configuration; prefer a limited API key/profile and review the actual bundle or run it manually on non-sensitive inputs first.
Private scripts or unpublished creative material may be processed by the configured AI provider during analysis.
The skill is designed to analyze a script file using the configured OpenClaw model. Sending script content to the configured model is expected for this purpose, but the exact provider/data boundary is not specified in the artifacts.
node dist/cli.js analyze -f script.txt -p 抖音 ... 使用OpenClaw当前模型
Avoid using confidential scripts unless you understand and accept the privacy terms of the OpenClaw model/provider configured on your machine.
Users may not be able to verify or run the skill exactly as documented, and may have to trust a bundled executable-style JavaScript file.
SKILL.md references an install script and dist/cli.js workflow, while the provided manifest lists bundle.js and run-hit-preview.sh instead. This packaging mismatch creates review/provenance ambiguity, though no automatic execution of the missing script is shown.
install:\n - kind: script\n path: setup-zero-config.sh ... node dist/cli.js analyze -f script.txt -p 抖音
Check the installed files before running the skill and prefer a release with consistent install metadata, source, and runnable entry points.