WeryAI video tool — subtitle translate
PassAudited by ClawScan on May 10, 2026.
Overview
This skill appears to do the described WeryAI subtitle translation, but it uses your WeryAI API key, sends the video URL to WeryAI, and has limited source provenance.
Before installing, make sure you trust this registry package, set WERYAI_API_KEY only for this intended workflow, confirm the exact HTTPS video URL and target language before any paid submit/wait run, and avoid using sensitive private videos unless you are comfortable with WeryAI processing them.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An accidental invocation could consume WeryAI credits or process the wrong video.
Submitting or waiting can start a paid remote processing job, so user confirmation matters. The artifact discloses this and adds an explicit pre-submit gate.
Do **not** run `submit` / `wait` until the user explicitly confirms the video URL and `target_language`. Paid runs are not idempotent.
Confirm the exact video URL and target language before running submit or wait, and use the documented dry-run first when practical.
The API key can authorize actions against the user’s WeryAI account and may consume paid credits.
The script reads the WeryAI API key from the environment and uses it as a bearer token for WeryAI API requests.
const apiKey = (process.env.WERYAI_API_KEY || "").trim(); ... headers.Authorization = `Bearer ${apiKey}`;Use a dedicated or least-privilege WeryAI key if available, avoid writing it into files, and rotate it if it may have been exposed.
It is harder to confirm that the script came from an official or intended WeryAI-related source.
The registry metadata does not identify an upstream source or homepage for the runnable script, which limits independent provenance verification.
Source: unknown; Homepage: none
Install only from a trusted registry entry, inspect the local file manifest before running, and avoid running extra sibling scripts not listed in this skill.
WeryAI will receive the video URL and process the referenced video for subtitle translation.
The tool sends the user-provided payload, including the video URL and target language, to WeryAI’s external API. This is disclosed and purpose-aligned.
const BASE_URL = "https://api.weryai.com"; ... const res = await httpJson("POST", BASE_URL + spec.endpoint, payload, apiKey);Use this only for videos you are allowed and comfortable sending to WeryAI, especially if the URL is private, unlisted, or sensitive.