ClawHub

WeryAI video tool — watermark remove

v1.0.0

Remove watermark overlays from an existing HTTPS video via WeryAI (video-watermark-remove). Use when the user wants watermark cleanup, not subtitles-only or...

0· 120·0 current·0 all-time
byparallel world@zoucdr
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binary (node), primary env var (WERYAI_API_KEY), and the CLI script all match the stated goal (calling WeryAI's /v1/generation/video-watermark-remove endpoint to process an HTTPS video URL). No unrelated cloud credentials or uncommon binaries are requested.
Instruction Scope
SKILL.md explicitly limits the workflow to a single entry script and public https:// video URLs; the included script validates https URLs, reads only process.env.WERYAI_API_KEY, and performs network calls to the WeryAI API. There are no instructions to read arbitrary local files, scan unrelated system state, or transmit data to other endpoints.
Install Mechanism
This is instruction-only with a bundled Node script and no install spec or third‑party downloads. No archives or external installers are invoked; risk from installation is low.
Credentials
Only WERYAI_API_KEY is required and declared as the primary credential; the SKILL.md and script both assert they use only that env var. The credential request is proportionate to a remote API call to WeryAI.
Persistence & Privilege
always:false and no evidence of the skill modifying other skills or agent-wide configuration. The script does not persist secrets to disk per its own security guidance.
Assessment
This package appears coherent for its stated purpose, but before running: 1) verify the only files present are SKILL.md and scripts/video_watermark_remove.js (remove any unexpected sibling scripts); 2) only set WERYAI_API_KEY in the environment (do not provide other secrets); 3) confirm the video URL is a public https:// URL you are allowed to process and explicitly confirm any submit/wait action because runs may be paid; 4) review the script locally to ensure there are no modifications that change endpoints or upload behavior. Absence of red flags here doesn't eliminate operational risks (privacy of uploaded content, service billing, or compromised upstream API), so proceed with those considerations in mind.
scripts/video_watermark_remove.js:151
Environment variable access combined with network send.
Confirmed safe by external scanners
Static analysis detected API credential-access patterns, but both VirusTotal and OpenClaw confirmed this skill is safe. These patterns are common in legitimate API integration skills.

Like a lobster shell, security has layers — review code before you run it.

latestvk9775wavrnn9rttcf7mz43teph83g58c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💧 Clawdis
Binsnode
EnvWERYAI_API_KEY
Primary envWERYAI_API_KEY

Comments