ClawHub

VectCut: The first "To-Agent" video editing platform. Build automated video workflows with our stable cloud APIs in Coze, Dify, or OpenClaw.

v1.1.9

AI 视频导演与自动化剪辑专家。能够理解视频素材内容、视频创作指令,自主规划脚本结构,并通过调用 VectCut API 实现创建剪映草稿、编排素材(B-roll/转场/特效)、生成 AI 配音与字幕,实现端到端的视频创作流程。

1· 970·9 current·9 all-time
by@sun-guannan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (automated video editing) match what the files and prompts do: they call cut_jianying/llm/tts/process endpoints, implement ASR, subtitle, generate_image/video, upload flows, scraping of share links, and draft lifecycle. The single required env var (VECTCUT_API_KEY) is appropriate for this purpose.
Instruction Scope
SKILL.md and the prompts instruct the agent to generate/run curl and Python requests that will: call VectCut endpoints, fetch/parse external share URLs (YouTube, TikTok, etc.), and optionally upload local files (via upload_init -> OSS PUT -> upload_complete). Reading local file paths for upload and sending media to the vendor is expected for this skill but is a data-exfiltration surface the user should be aware of.
Install Mechanism
No install spec is declared (instruction-only), yet many scripts and Python files are included. That is not dangerous by itself, but it means the repository provides runnable templates (curl/python) rather than an installed binary. There is no remote download/install step or obscure URL-based installer.
Credentials
Only VECTCUT_API_KEY is required (primaryEnv). Some scripts accept optional base URL env vars (VECTCUT_BASE_URL, LLM_BASE_URL, etc.) which are reasonable for testing or staging. No unrelated credentials or secrets are requested.
Persistence & Privilege
always:false and default model-invocation settings are used. The skill does not request persistent system-wide privileges or modify other skills. It contains scripts that can be run but does not demand forced inclusion or elevated agent privileges.
Assessment
This package appears coherent for integrating with VectCut's APIs. Before installing or using it: 1) Only supply an API key you trust (consider a scoped or ephemeral key) because media and local files can be uploaded to the vendor. 2) Be cautious when the skill is allowed to run autonomously — it can call external endpoints and upload files; restrict autonomous runs if you don't want automatic uploads. 3) Review any example upload_file or file_path usages before executing them to avoid sending sensitive local files. 4) If you need to audit behavior, run the provided curl/python examples in a controlled environment and monitor network requests to https://open.vectcut.com (or whatever BASE_URL you configure). 5) The repo contains many runnable scripts but no installer; running them requires reviewing the code and executing in a safe environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cbs4a5zwn6e6qp88rt4wd3d83tfdf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎬 Clawdis
EnvVECTCUT_API_KEY
Primary envVECTCUT_API_KEY

Comments