Security Scan
OpenClaw
Security
High confidence: The package does what it says — a Node.js CLI that sends prompts and (optionally) images to WeryAI for video generation and only requires the WERYAI_API_KEY and Node 18+; review and caution around supplying your API key and any local images is appropriate.
Assessment recommendations
This package appears coherent for generating videos via WeryAI, but take the following precautions before installing or setting WERYAI_API_KEY:
- Only set WERYAI_API_KEY if you trust WeryAI and understand billing/permissions; prefer a limited/test key first.
- Review scripts/video_gen.js before any paid run to confirm it handles local files in a way you accept — the CLI will read local image files and upload them (creating a public URL) if you pass local paths.
- Prefer supplying public https:/...
Detailed analysis
✓ Purpose and capabilities
Name/description (organizing video generation) match the code and docs: the CLI calls WeryAI endpoints to create videos. Declared requirements (node, WERYAI_API_KEY) are necessary and expected for this functionality.
ℹ Instruction scope
SKILL.md and bundled docs clearly describe runtime behavior and explicitly warn that local files may be read and uploaded to WeryAI; they require the API key for non-dry-run operations and instruct prompt expansion before submit. This is within scope, but the ability to read local image files and upload them is a material data-flow decision users must review before enabling the key (SKILL.md already highlights this).
✓ Install mechanism
There is no external install script or downloader; the skill is instruction-first and bundles a single Node.js script. No suspicious download URLs or extract steps are present.
✓ Credential requirements
Only a single credential is required (WERYAI_API_KEY) and it is the primaryEnv; that is proportionate for a skill that calls WeryAI APIs. No unrelated secrets or config paths are requested.
✓ Persistence and privileges
The skill does not request always:true and has no install-side persistence. It does network calls when run and may upload local files only when invoked; autonomous invocation is allowed by default but not unusually privileged here.
⚠ scripts/video_gen.js:675
Environment variable access combined with network send.
⚠ scripts/video_gen.js:223
File read combined with network send (possible exfiltration).
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v1.0.5 2026/3/22
organize-room-video v1.0.5
- Added API documentation file: resources/WERYAI_VIDEO_API.md.
- Added eval.yaml for evaluation and test setup.
- Updated SKILL.md for clarity, environment requirements, metadata, and improved security/disclosure language.
- Updated scripts/video_gen.js to reflect API docs and process changes.
● Suspicious
Install command
Official: npx clawhub@latest install organize-room-video
Mirror (accelerated): npx clawhub@latest install organize-room-video --registry https://cn.longxiaskill.com