ClawHub

WeryAI video tool — subtitle translate

v1.0.0

Translate subtitles in an existing HTTPS video via WeryAI (video-subtitle-translate). Use when the user wants subtitle translation, not erasure or text-to-vi...

0· 71·0 current·0 all-time
byparallel world@zoucdr
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (subtitle translation) match the requested artifacts: the script only requires Node and WERYAI_API_KEY, and its configured endpoint is api.weryai.com/v1/generation/video-subtitle-translate. There are no unrelated credentials, binaries, or config paths declared.
Instruction Scope
SKILL.md explicitly limits operations to the subtitle-translate workflow for a public https:// video_url and instructs running the provided script (spec/submit/wait/status). The README warns against running sibling scripts and says the script does not read local files or perform upload-file flows. The script performs HTTPS calls and validates that URLs start with "https://".
Install Mechanism
There is no install spec (instruction-only skill with included script). The only runtime requirement is Node 18+, no remote downloads or archive extraction are present.
Credentials
Only WERYAI_API_KEY is declared as required and the script reads process.env.WERYAI_API_KEY. No other secrets or unrelated environment variables are requested.
Persistence & Privilege
The skill is not forced-always (always:false) and does not request persistent/system-wide privileges. It does network calls to the stated API and does not modify other skills or system settings.
Assessment
This package appears coherent with its stated purpose. Before installing, verify: (1) the WERYAI_API_KEY you supply belongs to the expected WeryAI account and you understand billing/quoting for runs; (2) the video URL you provide is a public https:// URL and you have rights to process it; (3) run node scripts/video_subtitle_translate.js spec and --dry-run to inspect the request schema and validate input before submitting a paid job; (4) do not export or write your API key to disk and do not run any sibling scripts (the SKILL.md warns they may be out of scope); (5) if you need further assurance, open and review the full script file for any unexpected network endpoints or logic beyond what is described (the provided snippet uses api.weryai.com only).
scripts/video_subtitle_translate.js:147
Environment variable access combined with network send.
Confirmed safe by external scanners
Static analysis detected API credential-access patterns, but both VirusTotal and OpenClaw confirmed this skill is safe. These patterns are common in legitimate API integration skills.

Like a lobster shell, security has layers — review code before you run it.

latestvk975455fk0b65xda67qzr296v583gp43

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binsnode
EnvWERYAI_API_KEY
Primary envWERYAI_API_KEY

Comments