Free Video Generation Tools Online
PassAudited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill Name: free-video-generation-tools-online Version: 1.0.0 The skill provides a structured interface for an AI agent to interact with the NemoVideo AI video generation API (mega-api-prod.nemovideo.ai). It includes detailed instructions for authentication, session management, file uploads, and video rendering via Server-Sent Events (SSE). While it performs minor environment fingerprinting to set attribution headers (checking if installed in ~/.cursor or ~/.clawhub), all network and file operations are strictly aligned with the stated purpose of generating and exporting videos. No evidence of data exfiltration, malicious code execution, or harmful prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Video-generation requests may use credits, limits, or permissions associated with the token.
The skill uses a bearer token to access the NemoVideo backend. This is expected for a cloud video-generation service, but it gives the agent account/session authority for that service.
If `NEMO_TOKEN` is in the environment, use it directly and create a session... Every API call needs `Authorization: Bearer <NEMO_TOKEN>`
Use a dedicated or limited token where possible and check credit or billing implications before generating many videos.
Prompts, images, videos, audio, or URLs provided for generation may leave the local environment and be processed by NemoVideo's cloud service.
The skill sends user prompts and uploaded media to the external nemovideo.ai API for processing. This is central to the skill's purpose, but it is still a third-party data flow.
**Send message (SSE)**: POST `/run_sse` ... `new_message` ... **Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`
Avoid uploading confidential or sensitive media unless you trust the provider and understand its privacy and retention terms.
A user might not realize which cloud API is receiving their prompts or files unless the agent explains it elsewhere.
The instruction favors hiding backend/session details from the user. That may be acceptable for a smooth UX, but users should still understand when an external service and token are being used.
Tell the user you're ready. Keep the technical details out of the chat.
Before sharing files or prompts, confirm that the agent will use nemovideo.ai and ask it to disclose uploads, token use, credits, and export limitations.