Skill v1.0.0

ClawScan security

Bilibili Ai Subtitle Online · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 11, 2026, 10:37 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's requirements and runtime instructions match its advertised purpose (cloud subtitle/rendering service) with minor inconsistencies to review before installing.
Guidance
This skill appears to be what it says: a cloud-based Bilibili subtitle/render service that needs a NEMO_TOKEN and uploads your video to the nemo API. Before installing, consider the following:
1. Privacy: your video and audio will be sent to https://mega-api-prod.nemovideo.ai; do not upload sensitive content unless you trust that service and understand its retention/processing policy.
2. Token handling: the skill will look for or obtain a NEMO_TOKEN and might persist session state; confirm how and where tokens are stored (the metadata references ~/.config/nemovideo/).
3. Verify the service domain and operator: the skill has no homepage or known owner listed; if you need accountability, ask for source code, a homepage, or an official provider.
4. Least privilege: avoid reusing high-privilege credentials in NEMO_TOKEN; use an anonymous or scoped token if possible and rotate/delete it after use.
5. If you want higher assurance: request the skill's source or a network/capability audit that documents whether tokens or files are written to disk and how long uploads are retained.

Review Dimensions

Purpose & Capability
ok
The skill claims to upload videos and request rendered outputs from a remote GPU-backed service; requiring a NEMO_TOKEN and calling nemovideo API endpoints aligns with that purpose. One minor mismatch: the metadata lists a config path (~/.config/nemovideo/) that the SKILL.md does not clearly read or write. This is plausible (for storing tokens) but not documented in the instructions.
Instruction Scope
note
SKILL.md provides concrete API workflows (token exchange, session creation, upload, SSE, export) and stays focused on the subtitle/rendering task. It does instruct the agent to POST to external mega-api-prod.nemovideo.ai endpoints and to persist/use session/token values. It does not instruct reading unrelated system files or other env vars. The only scope question is the undocumented config path in metadata: the instructions say to 'look for NEMO_TOKEN in the environment' and otherwise obtain an anonymous token; they do not explicitly say whether or where tokens or session state are persisted on disk.
Install Mechanism
ok
There is no install spec and no code files; the skill is instruction-only, which keeps its on-disk footprint minimal and reduces install-time risk.
Credentials
note
The only required credential is NEMO_TOKEN (declared as primaryEnv), which is appropriate for a third-party API. The metadata also declares a config path (~/.config/nemovideo/) which could imply local storage of tokens or config; the SKILL.md does not explicitly justify or document access to that path. No other unrelated secrets or credentials are requested.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated agent/system privileges. It may persist session tokens for reuse, which is normal for an API-backed service, but it does not ask to modify other skills or global agent settings.
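The Purpose, Instruction Scope and Credentials dimensions above all reduce to one mechanical check: do the hosts, environment variables and filesystem paths that SKILL.md actually instructs the agent to touch match what the metadata declares? The script below is an added example of that cross-check, written for this page; it is not ClawHub's scanner and the metadata shape (primaryEnv plus a list of config paths) is an assumption modelled on the fields this report names. The SKILL.md excerpt is constructed for the example, including a cache path the real skill's instructions do not mention, so that both directions of mismatch (declared-but-unused and used-but-undeclared) show up in the findings.

```python
"""Cross-check a skill's declared metadata against what its SKILL.md instructs.

Added example for this scan report; not ClawHub's own tooling. The metadata
fields are assumed from the report (primaryEnv, config path), not a real schema.
"""
import re
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class SkillMetadata:
    primary_env: str                 # the one credential the skill declares
    config_paths: list = field(default_factory=list)  # declared on-disk paths
    homepage: Optional[str] = None   # operator accountability, if any


# Constructed SKILL.md excerpt (not the real skill's text). The ~/.cache line is
# deliberately undeclared so the audit has something to flag in that direction.
SAMPLE_SKILL_MD = """
# Bilibili subtitle renderer
Look for NEMO_TOKEN in the environment. If absent, POST to
https://mega-api-prod.nemovideo.ai/v1/auth/anonymous to obtain one.
Create a session: POST https://mega-api-prod.nemovideo.ai/v1/sessions
Upload the video: PUT https://mega-api-prod.nemovideo.ai/v1/upload
Cache the session id in ~/.cache/bili-subs/session.json for reuse.
Stream progress over SSE and then GET the export URL.
"""

# Assumed metadata, matching what this report says the skill declares.
SAMPLE_META = SkillMetadata(primary_env="NEMO_TOKEN",
                            config_paths=["~/.config/nemovideo/"])

URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")        # capture host only
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b")     # SHOUTY_CASE with '_'
PATH_RE = re.compile(r"~?/[\w./-]+")                      # ~/x or /x paths


def audit(skill_md: str, meta: SkillMetadata) -> dict:
    """Return what the instructions touch plus a list of mismatch findings."""
    # Lower-case hosts so a casing slip (e.g. 'megA-api-prod') still dedups.
    hosts = {h.lower() for h in URL_RE.findall(skill_md)}
    # Strip URLs before the path scan so '/v1/upload' is not mistaken for a file.
    body = re.sub(r"https?://\S+", "", skill_md)
    env_vars = set(ENV_RE.findall(body))   # heuristic: misses bare names like HOME
    paths = set(PATH_RE.findall(body))     # heuristic: may catch prose like a/b

    findings = []
    if meta.primary_env not in env_vars:
        findings.append(f"declared primaryEnv {meta.primary_env} never referenced")
    for ev in sorted(env_vars - {meta.primary_env}):
        findings.append(f"undeclared env var read: {ev}")

    declared = [p.rstrip("/") for p in meta.config_paths]
    for p, d in zip(meta.config_paths, declared):
        if not any(path.startswith(d) for path in paths):
            findings.append(f"declared config path {p} not used in instructions")
    for path in sorted(paths):
        if not any(path.startswith(d) for d in declared):
            findings.append(f"undeclared path: {path}")

    if meta.homepage is None:
        findings.append("no homepage/owner declared; operator unverified")

    return {"hosts": sorted(hosts), "env_vars": sorted(env_vars),
            "paths": sorted(paths), "findings": findings}


if __name__ == "__main__":
    report = audit(SAMPLE_SKILL_MD, SAMPLE_META)
    print("hosts contacted:", report["hosts"])
    for f in report["findings"]:
        print("finding:", f)
```

The hosts list is printed for review rather than judged, because the metadata this report describes declares no network destinations; comparing it against the domain you have independently verified (guidance item 3) is the manual step. The regexes are deliberately simple heuristics, so treat their output as a worklist for reading SKILL.md, not as a verdict.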