菜单
How Clips shares recordings — composes with the framework sharing skill and adds password, expiry, embed URLs, and view-counting. Use when wiring the share dialog, building embed links, adding a password, or debugging who can see a recording.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
How to look up version-matched Agent Native framework docs in node_modules. Use before coding against @agent-native/core APIs or advanced features.
Use Content for repo-backed Markdown/MDX docs, blogs, resources, rich document editing, local components, shareable copies, and Content local-file workspaces. Prefer Content actions over raw filesystem writes when available.
All AI features in Clips — titles, summaries, chapters, tags, filler-word removal — delegate to the agent chat via sendToAgentChat except the narrow media pipeline path: transcription. Use when adding any AI-powered feature.
Cross-platform pattern for handling messaging integration webhooks (Slack, Telegram, WhatsApp, email, etc.) on serverless hosts. Use when adding a new integration adapter, debugging dropped messages, or wiring long-running agent work into a webhook handler.
Turn ordinary text plans into rich interactive visual plans with diagrams, file maps, annotated code, open questions, and UI/prototype review when useful.
Turn a PR, branch, commit, or git diff into an interactive visual recap with diagrams, file maps, API/schema summaries, annotated diffs, and focused review notes.
| name | video-sharing |
| description | How Clips shares recordings — composes with the framework sharing skill and adds password, expiry, embed URLs, and view-counting. Use when wiring the share dialog, building embed links, adding a password, or debugging who can see a recording. |
Recording sharing uses the framework sharing system — not a custom share table. Recordings are registered via registerShareableResource({ type: "recording", ... }) in server/db/index.ts. The share-resource, unshare-resource, list-resource-shares, and set-resource-visibility actions are auto-mounted and handle per-user grants, per-org grants, and the three visibility levels (private / org / public).
Clips adds two things on top of the framework system:
recordings row. When set, all non-owner viewers must enter it to play the recording.expiresAt — an optional ISO timestamp on the recordings row. After this time, all non-owner access is denied (even to principals with explicit grants).These are additive — they never grant access the framework denies, only tighten it.
Read this skill before:
?t=, ?autoplay=, ?hideControls=)server/routes/video/[id].ts or server/routes/share/[id].tsrecordings.password (nullable text) — bcrypt hash.recordings.expires_at (nullable ISO string).recording_shares — framework-managed. Do not insert directly — use share-resource.recordings.visibility — framework-managed column from ownableColumns().recording_viewers + recording_events — view counting.Clips' app/components/player/share-dialog.tsx is a thin wrapper around the framework ShareDialog from @agent-native/core/client. The framework component handles per-user / per-org grants, visibility, and tabbed copy-link / embed UI — Clips just composes it with recording-specific extras.
import { ShareDialog } from "@agent-native/core/client";
<ShareDialog
resourceType="recording"
resourceId={recording.id}
resourceTitle={recording.title}
shareUrl={`${origin}/share/${recording.id}`}
embedUrl={`${origin}/embed/${recording.id}`}
linkTabExtras={
<>
{/* Password + expiry render in the Link tab, below the share URL. */}
<PasswordField recordingId={recording.id} />
<ExpiryField recordingId={recording.id} />
</>
}
embedTabContent={<EmbedSnippetAndOptions recordingId={recording.id} />}
/>
shareUrl / embedUrl — the copy-link and embed URLs the framework renders in its tabs.linkTabExtras — Clips-specific controls (password, expiry) shown beneath the link.embedTabContent — full replacement for the Embed tab body (embed code, params like ?t=, ?autoplay=).The password and expiry fields call update-recording --password=... / --expiresAt=.... Keep Clips' share-dialog wrapper minimal — any new generic sharing feature belongs in the framework component, not here.
The player and /api/video/:id route check access in this exact order:
async function canAccess(
recordingId: string,
requester: Session | null,
providedPassword?: string,
) {
// 1. Framework check — owner, shared, or meets visibility.
const access = await resolveAccess("recording", recordingId, requester);
if (!access.allowed) return false;
const rec = await getRecordingOrThrow(recordingId);
// 2. Expiry — non-owner only.
if (rec.expiresAt && requester?.email !== rec.ownerEmail) {
if (new Date(rec.expiresAt) < new Date()) return false;
}
// 3. Password — non-owner only.
if (rec.password && requester?.email !== rec.ownerEmail) {
if (!providedPassword) return false;
if (!(await bcrypt.compare(providedPassword, rec.password))) return false;
}
return true;
}
Framework first, Clips additions second. Don't invert this — the framework owns the "is this row visible at all" question.
Embeds live at /embed/:shareId (a share-scoped anonymous route). Supported query params:
| Param | Meaning |
|---|---|
?t=80 | Start playback at 80 seconds |
?autoplay=1 | Autoplay (muted — browsers block unmuted autoplay) |
?hideControls=1 | Hide the player chrome |
?loop=1 | Loop playback |
Build embed URLs via the build-embed-url action:
const { url } = await callAction("build-embed-url", {
id: recording.id,
t: 80,
autoplay: true,
});
// -> /embed/<shareId>?t=80&autoplay=1
Clips can render Loom-style Slack previews through Slack App Unfurling. Configure
the Slack app's link_shared event to call /api/slack/unfurl; the route
verifies SLACK_SIGNING_SECRET, acknowledges Slack URL verification, and calls
chat.unfurl with a Block Kit video block using the existing /embed/:id
player URL.
The playable Slack embed is deliberately narrower than the share page:
ready recordings with visibility === "public" can produce a video block.Required Slack app setup:
links:read, links:write, links.embed:writelink_sharedclips.agent-native.comhttps://<clips-host>/api/slack/unfurlPublic recordings also expose URLs meant for external agents:
| Endpoint | Meaning |
|---|---|
/api/agent-context.json?id=<recordingId> | Clip metadata, transcript summary, recommended frames, and API discovery links |
/api/agent-transcript.json?id=<recordingId> | Timestamped transcript segments with startMs, endMs, timestamp, range, text, and optional source |
/api/agent-frame.jpg?id=<recordingId>&atMs=<ms> | JPEG frame extracted from the video at the requested original-video timestamp |
These endpoints follow the same access model as /api/public-recording:
password=<pw> once; successful JSON
responses include short-lived tokenized links so the plaintext password is not
copied into downstream agent prompts, browser history, or logs.The share popover's "Share with agents" field should copy the agent context URL, not raw transcript text. The context response points agents at the transcript and frame APIs so they can fetch only the visual context they need.
A view counts when any of these is true:
The canonical predicate is shouldCountView(totalWatchMs, completedPct, scrubbedToEnd) from server/lib/recordings.ts. Always go through it — do not recompute inline.
import { shouldCountView } from "../server/lib/recordings.js";
if (
!viewer.countedView &&
shouldCountView(viewer.totalWatchMs, viewer.completedPct, scrubbedToEnd)
) {
await db
.update(schema.recordingViewers)
.set({ countedView: true })
.where(eq(schema.recordingViewers.id, viewer.id));
}
Events feeding this live in recording_events. The /api/view-events route receives view-start, watch-progress (every 5s), seek, pause, resume, cta-click, reaction. Aggregate into recording_viewers on write to keep get-insights fast.
recording_viewers.viewer_email is nullable — anonymous viewers (public link, no account) still get a row keyed by a cookie id. Never require login to watch a public recording; require it only when the share grant is user-scoped.
recording_shares directly. Always go through share-resource / unshare-resource./api/video/:id. Streaming routes are the #1 data-leak vector.accessFilter still runs first./embed/:shareId) is anonymous by default — don't require auth, but still go through canAccess.build-embed-url is the single source of truth for embed URLs — keep it in sync with the query params the player accepts.sharing — framework-level primitive Clips composes with. Read this first.security — password handling, token storage, anonymous viewer cookies.video-editing — exports honor recordings.enableDownloads.storing-data — why password / expiresAt live on the recordings row instead of a parallel table.