Skill v1.0.0
ClawScan security
Ai Video From Photo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 12, 2026, 11:19 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches an image→video cloud service, but there are small inconsistencies (declared config path in the skill frontmatter vs. registry metadata) and it will upload user images and obtain/store short-lived tokens — review before sending sensitive media.
- Guidance: This skill appears to be a front-end for a third-party rendering API (mega-api-prod.nemovideo.ai) and will upload images to that service and manage short-lived tokens. Before installing or using it:
  1. Confirm you trust the nemo/nemovideo domain and review its privacy/terms — anything you upload will be sent off-site.
  2. Note that the SKILL.md mentions a local config path (~/.config/nemovideo/) but the registry metadata did not — ask the publisher whether the skill will read local config files and why.
  3. Avoid uploading sensitive or private images until you verify storage/retention rules.
  4. If you must test, prefer the anonymous-token flow (temporary tokens) and don't set a long-lived secret into NEMO_TOKEN unless you understand what that token grants.
  5. If you need higher assurance, ask the publisher for the skill source or a privacy/security statement; absence of a homepage and unknown source increases risk.
Review Dimensions
- Purpose & Capability (note): The skill's name/description align with the actions described (upload images, create videos). It correctly declares NEMO_TOKEN as the primary credential. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata shows no required config paths — this mismatch is incoherent and could indicate the skill expects to read local config files it didn't declare.
- Instruction Scope (note): Runtime instructions are specific: obtain or use NEMO_TOKEN, create a session, upload files, handle SSE, poll render status, and return download URLs. These steps are within the stated purpose. Minor scope creep: instructions reference detecting the agent's install path (~/.clawhub/, ~/.cursor/skills/) and the frontmatter config path — detecting these requires reading the filesystem and could access user home directories beyond just the uploaded images. The doc also instructs the agent to 'store' session_id but doesn't specify secure storage.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. This is the lowest-risk installation mechanism.
- Credentials (note): Only a single credential (NEMO_TOKEN) is required, which is appropriate for a third-party rendering API. The skill will also create an anonymous token via the API if none is present. The unexplained presence of a config path in the frontmatter (~/.config/nemovideo/) is disproportionate unless the skill legitimately reads local nemo config — the registry did not list that path as required.
- Persistence & Privilege (ok): The skill does not request always:true and uses normal agent invocation. It asks to store a session_id for ongoing requests (expected), but doesn't request elevated or permanent system privileges.
