ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Text To Video Capcut

v1.0.0

Skip the learning curve of professional editing software. Describe what you want — turn this script into a 30-second video with visuals and background music...

0· 44·0 current·0 all-time
by@susan4731-wilfordf

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for susan4731-wilfordf/text-to-video-capcut.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Text To Video Capcut" (susan4731-wilfordf/text-to-video-capcut) from ClawHub.
Skill page: https://clawhub.ai/susan4731-wilfordf/text-to-video-capcut
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: NEMO_TOKEN
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install text-to-video-capcut

ClawHub CLI

Package manager switcher

npx clawhub@latest install text-to-video-capcut
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to be a 'Text To Video Capcut' helper, but every runtime instruction points to mega-api-prod.nemovideo.ai (Nemo) as the backend. That name→backend mismatch could mislead users into supplying CapCut/ByteDance credentials or assuming brand-level privacy/ownership that doesn't apply. Otherwise, the declared primary credential (NEMO_TOKEN) matches the described API.
Instruction Scope
SKILL.md gives concrete API workflows (session creation, SSE chat, upload, export) and instructs the agent to upload user files (TXT/DOCX/PDF/SRT up to 200MB) and to use NEMO_TOKEN if present. These instructions are within scope for a cloud render service, but they also mean user content and any provided token will be transmitted to the third-party API. The doc also instructs obtaining an anonymous token if none exists (via an unauthenticated POST), which is expected but worth noting.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — lowest-risk from installation-persistence perspective. Nothing is written to disk by an install step. The runtime will perform network calls as described.
!
Credentials
Only one environment variable is required (NEMO_TOKEN), which is proportionate. However, the metadata also declares a config path (~/.config/nemovideo/) that is not referenced in the runtime instructions; that discrepancy is odd and could indicate the skill expects local configuration access that is not documented. Also be aware that if you provide a real NEMO_TOKEN from an account, the skill will use it to act as that account (render jobs, credits, uploads).
Persistence & Privilege
The skill is not always-enabled and does not request persistent platform privileges. It is instruction-only and does not modify other skills or system configuration per the provided files.
What to consider before installing
This skill appears to implement a cloud text→video workflow, but pause before installing: 1) The name suggests 'CapCut' while the implementation targets nemovideo.ai — confirm which vendor you intend to use and don't supply credentials expecting a different service. 2) The skill will upload user files (up to 200MB) and will use any NEMO_TOKEN present in the environment to act on your behalf — only provide a token you trust and understand the account/billing implications. 3) Metadata declares a local config path (~/.config/nemovideo/) that the instructions never mention — ask the author why local config access is declared and what will be read. 4) If you don't have a token the skill will create an anonymous token via the public endpoint; this is convenient but still means your content goes to the provider. If you need stronger assurances, request: the service's privacy/ownership policy, the exact domain ownership (is nemovideo.ai the intended backend?), and clarification about the declared config path. If uncertain, avoid setting persistent credentials in your environment and instead use ephemeral tokens you can revoke.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🎬 Clawdis
EnvNEMO_TOKEN
Primary envNEMO_TOKEN
latestvk97f64xj822yqy59954e9vwww185jymd
44downloads
0stars
1versions
Updated 1d ago
v1.0.0
MIT-0
@susan4731-wilfordf
latest
Download

Getting Started

Ready when you are. Drop your text prompts here or describe what you want to make.

Try saying:

  • "convert a 150-word product description script into a 1080p MP4"
  • "turn this script into a 30-second video with visuals and background music"
  • "converting written scripts into ready-to-share videos for TikTok creators"

Getting Connected

Before handling any user request, establish a connection to the backend API. Show a brief status like "Connecting...".

If NEMO_TOKEN is in the environment, use it directly and create a session. Otherwise, acquire a free starter token:

  • Generate a UUID as client identifier
  • POST to https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token with the X-Client-Id header
  • The response includes a token with 100 free credits valid for 7 days — use it as NEMO_TOKEN

Then create a session by POSTing to https://mega-api-prod.nemovideo.ai/api/tasks/me/with-session/nemo_agent with Bearer authorization and body {"task_name":"project","language":"en"}. The session_id in the response is needed for all following requests.

Tell the user you're ready. Keep the technical details out of the chat.

Text to Video CapCut — Convert Text Scripts Into Videos

This tool takes your text prompts and runs AI video creation through a cloud rendering pipeline. You upload, describe what you want, and download the result.

Say you have a 150-word product description script and want to turn this script into a 30-second video with visuals and background music — the backend processes it in about 1-2 minutes and hands you a 1080p MP4.

Tip: shorter scripts under 100 words produce tighter, faster-rendered videos.

Matching Input to Actions

User prompts referencing text to video capcut, aspect ratio, text overlays, or audio tracks get routed to the corresponding action via keyword and intent classification.

User says...ActionSkip SSE?
"export" / "导出" / "download" / "send me the video"→ §3.5 Export
"credits" / "积分" / "balance" / "余额"→ §3.3 Credits
"status" / "状态" / "show tracks"→ §3.4 State
"upload" / "上传" / user sends file→ §3.2 Upload
Everything else (generate, edit, add BGM…)→ §3.1 SSE

Cloud Render Pipeline Details

Each export job queues on a cloud GPU node that composites video layers, applies platform-spec compression (H.264, up to 1080x1920), and returns a download URL within 30-90 seconds. The session token carries render job IDs, so closing the tab before completion orphans the job.

All calls go to https://mega-api-prod.nemovideo.ai. The main endpoints:

  1. SessionPOST /api/tasks/me/with-session/nemo_agent with {"task_name":"project","language":"<lang>"}. Gives you a session_id.
  2. Chat (SSE)POST /run_sse with session_id and your message in new_message.parts[0].text. Set Accept: text/event-stream. Up to 15 min.
  3. UploadPOST /api/upload-video/nemo_agent/me/<sid> — multipart file or JSON with URLs.
  4. CreditsGET /api/credits/balance/simple — returns available, frozen, total.
  5. StateGET /api/state/nemo_agent/me/<sid>/latest — current draft and media info.
  6. ExportPOST /api/render/proxy/lambda with render ID and draft JSON. Poll GET /api/render/proxy/lambda/<id> every 30s for completed status and download URL.

Formats: mp4, mov, avi, webm, mkv, jpg, png, gif, webp, mp3, wav, m4a, aac.

Three attribution headers are required on every request and must match this file's frontmatter:

HeaderValue
X-Skill-Sourcetext-to-video-capcut
X-Skill-Versionfrontmatter version
X-Skill-Platformauto-detect: clawhub / cursor / unknown from install path

Every API call needs Authorization: Bearer <NEMO_TOKEN> plus the three attribution headers above. If any header is missing, exports return 402.

Draft JSON uses short keys: t for tracks, tt for track type (0=video, 1=audio, 7=text), sg for segments, d for duration in ms, m for metadata.

Example timeline summary:

Timeline (3 tracks): 1. Video: city timelapse (0-10s) 2. BGM: Lo-fi (0-10s, 35%) 3. Title: "Urban Dreams" (0-3s)

Translating GUI Instructions

The backend responds as if there's a visual interface. Map its instructions to API calls:

  • "click" or "点击" → execute the action via the relevant endpoint
  • "open" or "打开" → query session state to get the data
  • "drag/drop" or "拖拽" → send the edit command through SSE
  • "preview in timeline" → show a text summary of current tracks
  • "Export" or "导出" → run the export workflow

Reading the SSE Stream

Text events go straight to the user (after GUI translation). Tool calls stay internal. Heartbeats and empty data: lines mean the backend is still working — show "⏳ Still working..." every 2 minutes.

About 30% of edit operations close the stream without any text. When that happens, poll /api/state to confirm the timeline changed, then tell the user what was updated.

Error Codes

  • 0 — success, continue normally
  • 1001 — token expired or invalid; re-acquire via /api/auth/anonymous-token
  • 1002 — session not found; create a new one
  • 2001 — out of credits; anonymous users get a registration link with ?bind=<id>, registered users top up
  • 4001 — unsupported file type; show accepted formats
  • 4002 — file too large; suggest compressing or trimming
  • 400 — missing X-Client-Id; generate one and retry
  • 402 — free plan export blocked; not a credit issue, subscription tier
  • 429 — rate limited; wait 30s and retry once

Tips and Tricks

The backend processes faster when you're specific. Instead of "make it look better", try "turn this script into a 30-second video with visuals and background music" — concrete instructions get better results.

Max file size is 200MB. Stick to TXT, DOCX, PDF, SRT for the smoothest experience.

Export as MP4 for widest compatibility across TikTok, Instagram, and YouTube.

Common Workflows

Quick edit: Upload → "turn this script into a 30-second video with visuals and background music" → Download MP4. Takes 1-2 minutes for a 30-second clip.

Batch style: Upload multiple files in one session. Process them one by one with different instructions. Each gets its own render.

Iterative: Start with a rough cut, preview the result, then refine. The session keeps your timeline state so you can keep tweaking.

Comments

Loading comments...