{ "issues": [ { "type": "npm-audit", "message": "@aws-sdk/xml-builder: Vulnerability found", "severity": "low" }, { "type": "npm-audit", "message": "@hono/node-server: @hono/node-server: Middleware bypass via repeated slashes in serveStatic", "severity": "medium" }, { "type": "npm-audit", "message": "@prisma/config: Vulnerability found", "severity": "high" }, { "type": "npm-audit", "message": "@remotion/bundler: Vulnerability found", "severity": "low" }, { "type": "npm-audit", "message": "@remotion/cli: Vulnerability found", "severity": "low" }, { "type": "npm-audit", "message": "@remotion/studio-server: Vulnerability found", "severity": "low" }, { "type": "npm-audit", "message": "@vitest/coverage-v8: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "@vitest/mocker: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "@xmldom/xmldom: xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion", "severity": "high" }, { "type": "npm-audit", "message": "ajv: ajv has ReDoS when using `$data` option", "severity": "medium" }, { "type": "npm-audit", "message": "ajv-formats: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "severity": "medium" }, { "type": "npm-audit", "message": "conf: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "cos-nodejs-sdk-v5: Vulnerability found", "severity": "critical" }, { "type": "npm-audit", "message": "defu: defu: Prototype pollution via `__proto__` key in defaults argument", "severity": "high" }, { "type": "npm-audit", "message": "effect: Effect `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC", "severity": "high" }, { "type": "npm-audit", "message": "esbuild: esbuild enables any website to send any requests to the development server and read the response", "severity": "medium" }, { "type": "npm-audit", "message": "express-rate-limit: express-rate-limit: IPv4-mapped IPv6 addresses bypass per-client rate limiting on servers with dual-stack network", "severity": "high" }, { "type": "npm-audit", "message": "fast-xml-parser: fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names", "severity": "critical" }, { "type": "npm-audit", "message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase", "severity": "high" }, { "type": "npm-audit", "message": "form-data: form-data uses unsafe random function in form-data for choosing boundary", "severity": "critical" }, { "type": "npm-audit", "message": "glob: glob CLI: Command injection via -c/--cmd executes matches with shell:true", "severity": "high" }, { "type": "npm-audit", "message": "hono: Hono vulnerable to Prototype Pollution possible through __proto__ key allowed in parseBody({ dot: true })", "severity": "medium" }, { "type": "npm-audit", "message": "js-yaml: js-yaml has prototype pollution in merge (<<)", "severity": "medium" }, { "type": "npm-audit", "message": "lodash: Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions", "severity": "high" }, { "type": "npm-audit", "message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "severity": "high" }, { "type": "npm-audit", "message": "next: Next Server Actions Source Code Exposure ", "severity": "high" }, { "type": "npm-audit", "message": "next-auth: NextAuthjs Email misdelivery Vulnerability", "severity": "medium" }, { "type": "npm-audit", "message": "next-intl: next-intl has an open redirect vulnerability", "severity": "medium" }, { "type": "npm-audit", "message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups", "severity": "high" }, { "type": "npm-audit", "message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching", "severity": "high" }, { "type": "npm-audit", "message": "preact: Preact has JSON VNode Injection issue", "severity": "high" }, { "type": "npm-audit", "message": "prisma: Vulnerability found", "severity": "high" }, { "type": "npm-audit", "message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service", "severity": "medium" }, { "type": "npm-audit", "message": "request: Server-Side Request Forgery in Request", "severity": "critical" }, { "type": "npm-audit", "message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal", "severity": "high" }, { "type": "npm-audit", "message": "serialize-javascript: Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()", "severity": "high" }, { "type": "npm-audit", "message": "tar: node-tar has a race condition leading to uninitialized memory exposure", "severity": "high" }, { "type": "npm-audit", "message": "terser-webpack-plugin: Vulnerability found", "severity": "high" }, { "type": "npm-audit", "message": "tough-cookie: tough-cookie Prototype Pollution vulnerability", "severity": "medium" }, { "type": "npm-audit", "message": "underscore: Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack", "severity": "high" }, { "type": "npm-audit", "message": "undici: Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client", "severity": "high" }, { "type": "npm-audit", "message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling", "severity": "medium" }, { "type": "npm-audit", "message": "vite-node: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "vitest: Vulnerability found", "severity": "medium" }, { "type": "npm-audit", "message": "webpack: webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior", "severity": "low" } ], "status": "FAILED", "scannedAt": "2026-04-18T05:42:17.614Z", "semgrepRan": false, "npmAuditRan": true, "pipAuditRan": true }

🚀 探索 AI 影视的下一代创作流 | 立即加入 waoowaoo在线网页版内测候补

waoowaoo AI 影视 Studio

[!IMPORTANT] ⚠️ 测试版声明：本项目目前处于测试初期阶段，由于暂时只有我一个人开发，存在部分 bug 和不完善之处。我们正在快速迭代更新中，欢迎进群反馈问题和需求，及时关注项目更新！目前更新会非常频繁，后续会增加大量新功能以及优化效果，我们的目标是成为行业最强AI工具！！

⚠️ Beta Notice: This project is currently in its early beta stage. As it is currently a solo-developed project, some bugs and imperfections are to be expected. We are iterating rapidly—please stay tuned for frequent updates! We are committed to rolling out a massive roadmap of new features and optimizations, with the ultimate goal of becoming the top-tier solution in the industry. Your feedback and feature requests are highly welcome!

一款基于 AI 技术的短剧/漫画视频制作工具，支持从小说文本自动生成分镜、角色、场景，并制作成完整视频。

An AI-powered tool for creating short drama / comic videos — automatically generates storyboards, characters, and scenes from novel text, then assembles them into complete videos.

✨ 功能特性 / Features

| | 中文 | English | |---|---|---| | 🎬 | AI 剧本分析 - 自动解析小说，提取角色、场景、剧情 | AI Script Analysis - parse novels, extract characters, scenes & plot | | 🎨 | 角色 & 场景生成 - AI 生成一致性人物和场景图片 | Character & Scene Generation - consistent AI-generated images | | 📽️ | 分镜视频制作 - 自动生成分镜头并合成视频 | Storyboard Video - auto-generate shots and compose videos | | 🎙️ | AI 配音 - 多角色语音合成 | AI Voiceover - multi-character voice synthesis | | 🌐 | 多语言支持 - 中文 / 英文界面，右上角一键切换 | Bilingual UI - Chinese / English, switch in the top-right corner |

🚀 快速开始

前提条件：安装 Docker Desktop

git clone https://github.com/saturndec/waoowaoo.git
cd waoowaoo
docker compose up -d

访问 http://localhost:13000 开始使用！

waoowaoo

🚀 探索 AI 影视的下一代创作流 | 立即加入 waoowaoo在线网页版内测候补

waoowaoo AI 影视 Studio

✨ 功能特性 / Features

🚀 快速开始

Related Skills

🔄 更新到最新版本

🚀 Quick Start

🔄 Updating to the Latest Version

🔧 API 配置 / API Configuration

📦 技术栈 / Tech Stack

📦 页面功能预览 / preview

🤝 参与方式 / Contributing

Star History