Skill v1.0.0

ClawScan security

Best Video Editor For Mac · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 12, 2026, 9:25 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's high-level purpose (cloud video editing) matches its instructions to call a remote API, but there are notable inconsistencies about required credentials and claimed config access plus some runtime instructions that touch local paths and metadata not declared in the registry.
Guidance
This skill appears to be a cloud-based video editor that uploads your footage to mega-api-prod.nemovideo.ai and returns rendered files. Before installing or enabling it: (1) clarify the NEMO_TOKEN requirement — the SKILL.md says an anonymous token is possible, but the registry marks NEMO_TOKEN as required; don't provide any long-lived credentials unless you trust the service and know exactly what scope the token grants. (2) Understand that video files and local metadata (the skill asks to read YAML frontmatter and detect install paths in your home directory) may be read and sent to the remote API — if your videos are sensitive, do not use this skill until you verify the provider's privacy policy and retention rules. (3) Ask the author to fix the metadata/README mismatch (declared configPaths vs registry), and to explicitly document what local files are accessed and why. (4) Because this is instruction-only, there is no on-disk code to audit — the risk is network exfiltration of files and metadata, so proceed only if you trust the remote endpoint and the developer. If you want help drafting exact questions to ask the developer (e.g., token scope, data retention, what local paths are read), I can generate them.

Review Dimensions

Purpose & Capability
note: The skill claims to perform cloud video editing and its runtime instructions exclusively call a remote video-editing API (mega-api-prod.nemovideo.ai), which is coherent with the description. However, the registry metadata lists NEMO_TOKEN as required while the SKILL.md treats it as optional (it will generate an anonymous token if NEMO_TOKEN is not present). Also the SKILL.md includes a configPaths entry (~/.config/nemovideo/) in its frontmatter whereas the registry metadata stated 'Required config paths: none' — this mismatch is incoherent and should be clarified.
Instruction Scope
concern: The instructions direct the agent to: POST to various API endpoints, upload local files (multipart with file paths), generate and store an anonymous token if NEMO_TOKEN is absent, read this file's YAML frontmatter at runtime, and detect the install path by checking home directories (~/.clawhub/, ~/.cursor/skills/). Reading install paths and frontmatter implies filesystem access beyond simply handling a provided video — the registry did not declare these file accesses. The skill also instructs to include attribution headers derived from local metadata. These filesystem and metadata accesses broaden the scope beyond a simple API client and were not declared in the registry.
Install Mechanism
ok: This is an instruction-only skill with no install spec or code to write to disk, which is the lowest install risk. There is nothing being downloaded or executed by an installer in the skill bundle itself.
Credentials
concern: The registry declares a single required environment variable NEMO_TOKEN (primary credential), which is reasonable for a remote editing service. But SKILL.md explicitly documents an anonymous-token flow so the token is optional for anonymous usage; registering NEMO_TOKEN as required in the registry is inconsistent. The skill also asks to read local paths and frontmatter (not declared as required), which means additional local metadata may be collected at runtime. Asking for only NEMO_TOKEN while instructing other local reads is disproportionate and should be corrected or justified.
Persistence & Privilege
ok: The skill does not request 'always: true' and uses normal autonomous invocation defaults. It does not claim to modify other skills or system-wide settings. No persistent install or elevated agent privileges are requested in the provided metadata.