← Back to Skills Marketplace

图片视频生成

Name: 图片视频生成
Author: xuhongfeii2

by XuHongFeii2 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install tupian-shipin-shengcheng

Description

可调用 banana、sora、veo 等模型生成图片视频，适合图片、视频与短剧素材生产。

Usage Guidance

This skill mostly does what it says — it uses a relay service (easyclaw.bar) to submit generation requests and sets up a watcher to poll for results — but there are important caveats: - The registry metadata did not declare the required environment variables, but the scripts require a platform token or API key/secret (EASYCLAW_PLATFORM_API_TOKEN, or fallback names). Do not configure secrets until you trust the relay operator. - The skill will create OpenClaw cron watcher jobs and write watcher state and session transcripts under ~/.openclaw. That means a persistent background task will exist and the platform credentials may be embedded into the watcher configuration/CLI args. If you prefer not to persist tokens, do not enable the watcher (use --no-watch) or run the skill in an isolated environment. - The relay host (http://easyclaw.bar) is not documented in the skill metadata beyond SKILL.md; verify the operator and privacy/security policies of that service before sending prompts, files, or credentials. The platform also logs relay requests and may inject upstream Bearer tokens per the docs — that implies the relay mediates traffic to upstream providers. Recommendations before installing: - Inspect the scripts locally (you already have them) and confirm you are comfortable with files written under ~/.openclaw and with scheduled cron jobs. - If you must test, do so in an isolated user account or VM, and avoid using high-privilege or long-lived credentials. Prefer short-lived or scoped credentials if available. - Ask the skill author for a clear statement of where credentials are stored, how cron jobs are registered (what exact command is scheduled), and whether tokens are persisted in dotfiles or job definitions. If you want, I can point out the exact lines where tokens are read, where they are passed to cron scheduling, and where files under ~/.openclaw are written so you can audit them more easily.

Capability Analysis

Type: OpenClaw Skill Name: tupian-shipin-shengcheng Version: 1.0.0 The skill bundle exhibits high-risk behavior by performing extensive environment discovery and interacting directly with the host application's internal state. Specifically, `scripts/schedule_task_watch.py` and `scripts/cron_watch_task.py` search for local OpenClaw/EasyClaw installations, execute CLI commands via `subprocess.run`, and manually modify session transcript files to inject background notifications. Furthermore, the skill handles credentials insecurely by passing API tokens as command-line arguments to cron jobs, exposing them to system process monitoring. While these actions facilitate asynchronous video/image generation via the `easyclaw.bar` platform, the intrusive methods used—such as reading the global `openclaw.json` configuration and session stores—exceed the typical boundaries of a benign skill.

Capability Assessment

ℹ Purpose & Capability

Name/description claim: generate images/videos via Banana, Sora, VEO. The scripts and references implement calls to a platform relay (POST /api/veo2/custom_video/model/{model} and GET /api/veo2/custom_video/fetch/{task_id}) and include model-specific builders — capability matches purpose. However registry metadata lists no required environment variables while SKILL.md and the code require a platform token or api key/secret (EASYCLAW_PLATFORM_API_TOKEN or fallback names). That mismatch between declared requirements and actual code is an incoherence.

⚠ Instruction Scope

SKILL.md instructs only to run provided scripts. The scripts do that but also read and write local OpenClaw state (session transcripts under ~/.openclaw, session store, and watcher state), call the local OpenClaw CLI to create/list cron jobs, and POST notifications back to the external platform bridge endpoint (/api/v1/openclaw/bridge/reply). Reading/writing session files and invoking the local CLI are outside a minimal 'submit a generation request' surface and could expose local session metadata and allow persistent background jobs to be created. The SKILL.md forbids probing unrelated platform routes, which the code respects, but the local file/CLI interactions are broad in scope and should be noted.

✓ Install Mechanism

No install spec (instruction-only) and no downloads; the skill is delivered as scripts that run in-place. No external packages are fetched at install time. This is low installer risk.

⚠ Credentials

The skill expects platform credentials (preferred EASYCLAW_PLATFORM_API_TOKEN; fallbacks EASYCLAW_PLATFORM_API_KEY / API_SECRET and CHANJING_* variants) and optional base URL (EASYCLAW_PLATFORM_BASE_URL). These are necessary to call the relay, but the registry metadata omitted them. More importantly, the scheduling code builds watcher auth args (including the raw token or key/secret) and will include them when constructing cron watcher commands — meaning credentials may be persisted into cron job definitions or CLI storage. That persistence of sensitive credentials is a proportionality and data-exposure concern and should be explicitly justified and audited before use.

⚠ Persistence & Privilege

The skill creates and manages OpenClaw cron watcher jobs using the local OpenClaw CLI, writes watcher state under ~/.openclaw/cron/watchers/veo2-openclaw, and appends session transcripts / updates session store files. While always:false (it is not auto-included everywhere), the skill requests the ability to schedule background jobs and to modify files under the user's OpenClaw directory. This persistence is functionally required for asynchronous result notification, but it increases blast radius (background jobs, persisted tokens, session file writes).

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install tupian-shipin-shengcheng
After installation, invoke the skill by name or use /tupian-shipin-shengcheng
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

- Initial release of 图片视频生成 skill for image and video generation via banana, sora, and veo models. - Supports VEO video, Banana image, and Sora video models with detailed submission and querying rules. - Implements guided script-only command flows for safe and validated API interaction. - Automatic result watcher is created per submission with robust notification and fallback guidance. - Comprehensive model usage policies and example commands included for all supported generation scenarios.

Metadata

Slug tupian-shipin-shengcheng

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is 图片视频生成?

可调用 banana、sora、veo 等模型生成图片视频，适合图片、视频与短剧素材生产。 It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.

How do I install 图片视频生成?

Run "/install tupian-shipin-shengcheng" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 图片视频生成 free?

Yes, 图片视频生成 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 图片视频生成 support?

图片视频生成 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 图片视频生成?

It is built and maintained by XuHongFeii2 (@xuhongfeii2); the current version is v1.0.0.

More Skills