Character Generator

v1.0.0

Get animated character clips ready to post, without touching a single slider. Upload your text prompts (MP4, MOV, PNG, JPEG, up to 200MB), say something like...

⭐ 0· 58·0 current·0 all-time

by@vcarolxhberger

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for vcarolxhberger/character-generator.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Character Generator" (vcarolxhberger/character-generator) from ClawHub.
Skill page: https://clawhub.ai/vcarolxhberger/character-generator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: NEMO_TOKEN
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install character-generator

ClawHub CLI

Package manager switcher

npx clawhub@latest install character-generator

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill's stated purpose (cloud-based character-to-video generation) aligns with the endpoints and headers described in SKILL.md and the single required env var (NEMO_TOKEN). However, the registry metadata shown to you lists no required config paths while the SKILL.md frontmatter declares a config path (~/.config/nemovideo/). That mismatch is unexplained and worth clarifying with the publisher.

Instruction Scope

SKILL.md directs the agent to create a session, upload user media, open SSE streams, poll render status, and include Authorization: Bearer <NEMO_TOKEN> on every request — all expected for this service. Two concerns: (1) the file contains detected unicode-control-characters (prompt-injection pattern) — this can be used to obfuscate instructions or influence the host agent; (2) the instructions also tell the agent to automatically obtain an anonymous token if NEMO_TOKEN is not present, meaning the skill will call the vendor auth endpoint and use service-issued credentials without explicit user-provided tokens. Neither of these alone proves malicious, but together they increase risk and require user awareness.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files. Nothing is written to disk by an installer step and no third-party packages are pulled in automatically — this is the lower-risk category for install mechanism.

ℹ

Credentials

The skill requests a single credential, NEMO_TOKEN, which is proportional for a cloud API. However, SKILL.md will generate and use an anonymous token itself if NEMO_TOKEN is missing (calls the vendor auth endpoint and stores/uses the returned token for session activity). The SKILL.md frontmatter declaring a config path (~/.config/nemovideo/) is inconsistent with the registry metadata and suggests a potential expectation of local config access; this should be clarified.

✓

Persistence & Privilege

always:false (default) and there are no instructions to modify other skills or global agent settings. The skill does instruct keeping session_id for operations but does not require persistent installation or elevated agent privileges.

Scan Findings in Context

[unicode-control-chars] unexpected: Control/unicode-injection patterns are not expected for a straightforward API-integration SKILL.md. This can be used to hide or obfuscate instructions (prompt-injection). Even though the skill's core API calls appear legitimate, the presence of these characters is a red flag and should be investigated or removed by the publisher.

What to consider before installing

What to consider before installing/using: 1) The skill talks to mega-api-prod.nemovideo.ai and needs a NEMO_TOKEN; if you don't provide one it will request an anonymous token from the vendor and use it — so your uploads will go to that cloud service. Do not upload sensitive/private media unless you trust the service. 2) The SKILL.md contains unicode control characters (a prompt-injection pattern). Ask the publisher to explain and provide a cleaned SKILL.md; avoid installing until satisfied. 3) The registry metadata and SKILL.md disagree about a config path (~/.config/nemovideo/) — request clarification on whether the skill will read or write local config. 4) If you proceed, prefer providing a scoped or low-privilege token (if possible), test with non-sensitive files, and monitor network activity / service account usage. 5) If you need higher assurance, request a signed/hosted SKILL.md or a reputable homepage/source for verification before use.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🧑‍🎨 Clawdis

EnvNEMO_TOKEN

Primary envNEMO_TOKEN

latestvk972bkv082v3m8y3sw2e8pdced84w7yj

58downloads

0stars

1versions

Updated 1w ago

v1.0.0

MIT-0

Getting Started

Got text prompts to work with? Send it over and tell me what you need — I'll take care of the AI character creation.

Try saying:

"generate a short text description like 'a futuristic female warrior with silver armor' into a 1080p MP4"
"generate a unique animated character from my description and export it as a video clip"
"generating custom characters for videos, games, or storytelling projects for content creators, game designers, storytellers"

Quick Start Setup

This skill connects to a cloud processing backend. On first use, set up the connection automatically and let the user know ("Connecting...").

Token check: Look for NEMO_TOKEN in the environment. If found, skip to session creation. Otherwise:

Generate a UUID as client identifier
POST https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token with X-Client-Id header
Extract data.token from the response — this is your NEMO_TOKEN (100 free credits, 7-day expiry)

Session: POST https://mega-api-prod.nemovideo.ai/api/tasks/me/with-session/nemo_agent with Bearer auth and body {"task_name":"project"}. Keep the returned session_id for all operations.

Let the user know with a brief "Ready!" when setup is complete. Don't expose tokens or raw API output.

Character Generator — Generate Characters for Video Clips

This tool takes your text prompts and runs AI character creation through a cloud rendering pipeline. You upload, describe what you want, and download the result.

Say you have a short text description like 'a futuristic female warrior with silver armor' and want to generate a unique animated character from my description and export it as a video clip — the backend processes it in about 30-60 seconds and hands you a 1080p MP4.

Tip: more detailed text prompts produce more accurate and consistent character results.

Matching Input to Actions

User prompts referencing character generator, aspect ratio, text overlays, or audio tracks get routed to the corresponding action via keyword and intent classification.

User says...	Action	Skip SSE?
"export" / "导出" / "download" / "send me the video"	→ §3.5 Export	✅
"credits" / "积分" / "balance" / "余额"	→ §3.3 Credits	✅
"status" / "状态" / "show tracks"	→ §3.4 State	✅
"upload" / "上传" / user sends file	→ §3.2 Upload	✅
Everything else (generate, edit, add BGM…)	→ §3.1 SSE	❌

Cloud Render Pipeline Details

Each export job queues on a cloud GPU node that composites video layers, applies platform-spec compression (H.264, up to 1080x1920), and returns a download URL within 30-90 seconds. The session token carries render job IDs, so closing the tab before completion orphans the job.

All calls go to https://mega-api-prod.nemovideo.ai. The main endpoints:

Session — POST /api/tasks/me/with-session/nemo_agent with {"task_name":"project","language":"<lang>"}. Gives you a session_id.
Chat (SSE) — POST /run_sse with session_id and your message in new_message.parts[0].text. Set Accept: text/event-stream. Up to 15 min.
Upload — POST /api/upload-video/nemo_agent/me/<sid> — multipart file or JSON with URLs.
Credits — GET /api/credits/balance/simple — returns available, frozen, total.
State — GET /api/state/nemo_agent/me/<sid>/latest — current draft and media info.
Export — POST /api/render/proxy/lambda with render ID and draft JSON. Poll GET /api/render/proxy/lambda/<id> every 30s for completed status and download URL.

Formats: mp4, mov, avi, webm, mkv, jpg, png, gif, webp, mp3, wav, m4a, aac.

Headers are derived from this file's YAML frontmatter. X-Skill-Source is character-generator, X-Skill-Version comes from the version field, and X-Skill-Platform is detected from the install path (~/.clawhub/ = clawhub, ~/.cursor/skills/ = cursor, otherwise unknown).

Include Authorization: Bearer <NEMO_TOKEN> and all attribution headers on every request — omitting them triggers a 402 on export.

Draft JSON uses short keys: t for tracks, tt for track type (0=video, 1=audio, 7=text), sg for segments, d for duration in ms, m for metadata.

Example timeline summary:

Timeline (3 tracks): 1. Video: city timelapse (0-10s) 2. BGM: Lo-fi (0-10s, 35%) 3. Title: "Urban Dreams" (0-3s)

Backend Response Translation

The backend assumes a GUI exists. Translate these into API actions:

Backend says	You do
"click [button]" / "点击"	Execute via API
"open [panel]" / "打开"	Query session state
"drag/drop" / "拖拽"	Send edit via SSE
"preview in timeline"	Show track summary
"Export button" / "导出"	Execute export workflow

SSE Event Handling

Event	Action
Text response	Apply GUI translation (§4), present to user
Tool call/result	Process internally, don't forward
`heartbeat` / empty `data:`	Keep waiting. Every 2 min: "⏳ Still working..."
Stream closes	Process final response

~30% of editing operations return no text in the SSE stream. When this happens: poll session state to verify the edit was applied, then summarize changes to the user.

Error Handling

Code	Meaning	Action
0	Success	Continue
1001	Bad/expired token	Re-auth via anonymous-token (tokens expire after 7 days)
1002	Session not found	New session §3.0
2001	No credits	Anonymous: show registration URL with `?bind=<id>` (get `<id>` from create-session or state response when needed). Registered: "Top up credits in your account"
4001	Unsupported file	Show supported formats
4002	File too large	Suggest compress/trim
400	Missing X-Client-Id	Generate Client-Id and retry (see §1)
402	Free plan export blocked	Subscription tier issue, NOT credits. "Register or upgrade your plan to unlock export."
429	Rate limit (1 token/client/7 days)	Retry in 30s once

Tips and Tricks

The backend processes faster when you're specific. Instead of "make it look better", try "generate a unique animated character from my description and export it as a video clip" — concrete instructions get better results.

Max file size is 200MB. Stick to MP4, MOV, PNG, JPEG for the smoothest experience.

Export as MP4 for widest compatibility across editing tools and platforms.

Common Workflows

Quick edit: Upload → "generate a unique animated character from my description and export it as a video clip" → Download MP4. Takes 30-60 seconds for a 30-second clip.

Batch style: Upload multiple files in one session. Process them one by one with different instructions. Each gets its own render.

Iterative: Start with a rough cut, preview the result, then refine. The session keeps your timeline state so you can keep tweaking.

Comments

Loading comments...