ClawHub

Zyt video compose

v0.4.0

Use Chanjing video synthesis APIs to create digital human videos from text or audio, with optional background upload, task polling, and explicit download whe...

0· 77·0 current·0 all-time
by@zuoyuting214
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, covered APIs, CLI scripts and the auth helper all align: the skill needs an app_id/secret_key to call chanjing's open-api endpoints, upload files, create/poll video tasks, and optionally download results. The local credential file (~/.chanjing/credentials.json) and optional CHANJING_CONFIG_DIR env var are consistent with that purpose.
Instruction Scope
Runtime instructions and examples stay inside the stated domain: listing figures, uploading files, creating tasks, polling /open/v1/video, and explicit download. The only local I/O is reading/writing ~/.chanjing/credentials.json and writing outputs/video-compose/ when a user asks to save — both are expected for this skill. The auth helper may open a browser only when CHANJING_AUTO_OPEN_LOGIN is set.
Install Mechanism
This is an instruction-only skill with a small helper script; there is no install spec or remote code download. No archives, third-party package installs, or unexpected install endpoints are present.
Credentials
The skill does not declare required environment variables but does honor CHANJING_CONFIG_DIR and CHANJING_AUTO_OPEN_LOGIN if present and expects user API credentials stored in ~/.chanjing/credentials.json (app_id and secret_key). Storing and refreshing access_token into that file is normal for this integration, but users should be aware that sensitive keys are stored on disk.
Persistence & Privilege
The skill is not force-installed (always:false) and does not modify other skills or system-wide settings. It writes tokens to its own config file (~/.chanjing/credentials.json) which is expected for its operation.
Assessment
This skill appears to do what it says: it calls Chanjing's public API endpoints and manages a local credentials file. Before installing or using it, verify you trust the Chanjing service and are comfortable storing your app_id/secret_key at ~/.chanjing/credentials.json (or a custom CHANJING_CONFIG_DIR). Be aware the helper will write an access_token and expire_in into that file; if you enable CHANJING_AUTO_OPEN_LOGIN the skill may attempt to open a browser for login. No other credentials or unexpected network endpoints were found. If you have strict secrets policies, create a dedicated credentials file/directory and inspect the scripts (especially any download_result script) before saving production secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk974pedn01w27devd0esa296fx83n7kt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments