ClawHub

seaart video public

v1.0.0

Use this skill to generate high-quality AI videos using the SeaArt platform (seaart.ai). Supports both Text-to-Video and Image-to-Video generation using vari...

0· 31·0 current·0 all-time
by@seaartpublic·duplicate of @foxwzh/seaart-video
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (SeaArt video generation) match the declared requirements and the included script. The skill only asks for a SeaArt session token and Python runtime to call seaart.ai endpoints and submit video-generation tasks.
Instruction Scope
SKILL.md instructions are narrowly scoped: check SEAART_TOKEN, collect prompt/model/aspect/image URL, run the provided Python script which POSTs to seaart.ai endpoints and polls for completion. It does not instruct reading unrelated files or sending data to other external endpoints. It explicitly warns not to paste the token into chat.
Install Mechanism
No install spec — instruction-only plus an included Python script. No downloads from arbitrary URLs or archive extraction. Declared binaries (python3, pip3) are reasonable for running the included script.
Credentials
Only one credential (SEAART_TOKEN) is required, which is appropriate for authenticating to seaart.ai. However, the skill instructs persisting the token into the agent config via /update-config; that will store a long-lived secret locally and any compromise of the agent config could expose it. The skill does not request unrelated secrets.
Persistence & Privilege
The skill is not set to always:true and does not modify other skills. It asks the user to persist the token into the agent config (via /update-config), which is normal for convenience but increases the lifetime and blast radius of the credential — verify local config file permissions and who can access the agent environment.
Assessment
This skill appears to do what it says: it uses your SeaArt session cookie (T) to call SeaArt APIs and return a generated-video URL. Before installing, consider the following: 1) The skill's source/homepage is unknown — only install if you trust the publisher or after reviewing the code (scripts/generate.py is included and readable). 2) Persisting SEAART_TOKEN with /update-config stores a long-lived secret in your agent config; prefer temporary environment vars if you don't want to store it, and ensure the config file is private. 3) The skill will send your prompt and any image URLs to seaart.ai; do not submit sensitive data you wouldn't want on the service. 4) If you have doubts, open the included script and verify there are no additional endpoints or unexpected behavior (the current script only calls seaart.ai endpoints). 5) Remove the token from the config when you no longer need the skill or use a throwaway token if SeaArt supports it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d3ya2rgtyqf2d9stp9q51ch840ydj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Env[object Object]

Comments