video-creation
v1.0.2用户输入一个选题或口播稿,自动生成完整短视频成片(文案、分镜、数字人口播 + AI 画面混剪)。适用于「一键成片」「根据选题做视频」等场景。当前 skill 已内聚 TTS、数字人视频生成与 AI 文生视频调用能力。
⭐ 0· 131·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is a short‑video generation pipeline that uses local ffmpeg/ffprobe and the chanjing open API. Requiring ffmpeg/ffprobe and CHANJING_APP_ID/CHANJING_SECRET_KEY aligns with the described TTS, avatar (digital human) and AI video creation capabilities; there are no unrelated environment variables or binaries requested.
Instruction Scope
SKILL.md and scripts direct the agent to: call CHANJING APIs (TTS, avatar, ai_creation), upload audio, poll tasks, download generated media, run ffprobe/ffmpeg, and write intermediate and final mp4 files locally. This behavior is consistent with the stated purpose, but it means user text/audio will be sent to the external chanjing service — a privacy/third‑party data transmission concern to be aware of.
Install Mechanism
There is no external install spec: the package is instruction/code‑only and will run local Python code. No remote install/download URLs or archive extraction were specified in the manifest, so there is no additional installer risk beyond running the included code.
Credentials
Only CHANJING_APP_ID and CHANJING_SECRET_KEY are required, which is proportional for authenticating to the chanjing API. No unrelated secrets or system config paths are requested. The code reads these env vars via clients/auth.py as expected.
Persistence & Privilege
always:false and default model invocation are used. The skill can be invoked autonomously (platform default) and will use provided CHANJING credentials to call remote APIs and upload user content; this increases blast radius if credentials are compromised or the third party is untrusted. The skill does write local intermediate files and final mp4s to disk as part of normal operation.
Assessment
This skill appears internally coherent for generating videos using the chanjing API and local ffmpeg. Before installing:
- Understand that scripts, full text/voiceover and audio files will be uploaded to https://open-api.chanjing.cc using the CHANJING_APP_ID/CHANJING_SECRET_KEY you provide — review the provider's privacy, retention, and security practices.
- Only supply credentials with the minimum required scope and rotate them if possible; avoid reusing high‑privilege keys.
- Run the skill in an isolated environment (container/VM) if you are concerned about exposing sensitive content. The skill will write intermediate media and final mp4 files to local disk — ensure disk space and manage sensitive outputs.
- Inspect run_render.py and clients/* locally (they are included) before running; network operations are visible in those files and go to the declared API host (open-api.chanjing.cc).
- If you need to prevent autonomous uploads, control when the agent invokes the skill (e.g., require user confirmation) or do not provide credentials until ready to run a job.
Overall the package is consistent with its purpose; the primary operational risk is third‑party data transmission and standard local media handling rather than unexplained or unrelated accesses.Like a lobster shell, security has layers — review code before you run it.
latestvk9717wwd8hev9zhymnhs11g5jd83jjtc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binsffmpeg, ffprobe
EnvCHANJING_APP_ID, CHANJING_SECRET_KEY