AI Video Script Generator (Yijia Test)
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user manually runs these commands, they will execute local workflow scripts and may call a video-generation service.
The reference document provides shell commands that would execute local scripts outside this skill package. They are presented as a Creator test workflow, not as hidden automatic execution.
python3 /Users/shift/.openclaw/workspace-video-creator/scripts/workflow_guard.py python3 /Users/shift/.openclaw/workspace-video-creator/scripts/enforce_project_layout.py bash /Users/shift/.openclaw/workspace-video-creator/scripts/yijia_generate.sh
Only run these commands after reviewing the local scripts, adjusting the paths and target values, and confirming the action is intended.
The package identity information is not fully consistent, so users may want to confirm they are installing the intended skill version.
The embedded metadata differs from the registry-provided slug/version for the evaluated skill, which is a provenance consistency issue even though no harmful behavior is shown.
"slug": "ai-video-script", "version": "1.0.0"
Confirm the skill source/version in the registry and prefer packages whose embedded metadata matches the published listing.
Running the optional workflow could use the user's configured Yijia/API account and possibly consume service quota.
The optional Yijia testing workflow may rely on a local executable or API key. This is expected for a video-generation integration, and the artifacts do not show credential leakage or unrelated credential use.
若环境未配置 Yijia 可执行文件或 API Key,测试会卡在生成阶段
Verify which account/API key the local workflow uses and confirm any cost, quota, or account-impact implications before running generation commands.