Skill v1.0.0

ClawScan security

Editor Ai For Beginners · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 10, 2026, 11:43 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (cloud video editing via a Nemo API) aligns with most requirements, but the runtime instructions ask the agent to read local file paths and detect install/config locations and there is a small metadata mismatch — this creates scope‑creep risk before you trust it with files or a token.
Guidance
This skill appears to be a thin client for a Nemo cloud video editing API and mostly coherent, but exercise caution before installing or using it with sensitive data. Specifically: (1) don't provide your NEMO_TOKEN unless you trust the backend — the skill will use it as a bearer token for all requests; (2) avoid uploading sensitive local files — the instructions include reading files from arbitrary paths (files=@/path), so prefer attaching files via the chat UI or testing with non-sensitive samples first; (3) verify the API domain (mega-api-prod.nemovideo.ai) and the service's privacy/data-retention policies if you plan to upload real content; (4) note the SKILL.md references local config paths and install-path detection — if you want to limit exposure, run the skill in a restricted environment or deny access to your filesystem; (5) if you don't have a NEMO_TOKEN, the skill will request an anonymous token from the remote API automatically — be aware that this still transmits metadata (X-Skill-* headers) to the provider. If these behaviors are acceptable, test with throwaway tokens and non-sensitive clips first. If you need more certainty, ask the skill author for a privacy/security policy and clarification about local filesystem access and what the attribution headers contain.

Review Dimensions

Purpose & Capability
note: Name/description match the actions in SKILL.md: it calls a remote Nemo video API and needs a NEMO_TOKEN. That is coherent. However, the SKILL.md metadata references a config path (~/.config/nemovideo/) while the registry metadata lists no required config paths — a minor inconsistency between declared and actual metadata.
Instruction Scope
concern: The instructions direct the agent to create sessions, call SSE endpoints, and upload videos. Crucially, the upload examples include multipart 'files=@/path' syntax, and the doc tells the agent to detect install paths (e.g. ~/.clawhub/) to set X-Skill-Platform. That implies the agent may be expected to read arbitrary local filesystem paths rather than only using user-attached files; this is scope creep and a privacy/risk concern. The skill also instructs the agent to obtain an anonymous token if none is present (a POST to an external API), which is expected but means network calls will be made automatically.
Install Mechanism
ok: There is no install spec and no code files — this is an instruction-only skill. That reduces risk compared with arbitrary downloaded code.
Credentials
note: Only one credential (NEMO_TOKEN) is declared as required, which is appropriate for a cloud-editing integration. The SKILL.md also documents a flow to obtain a short-lived anonymous token if NEMO_TOKEN is absent — reasonable, but be aware that the skill will call the external auth endpoint and use that token for subsequent requests. The configPaths reported in the SKILL.md metadata are not reflected in the registry and could imply the skill expects access to a local config directory.
Persistence & Privilege
ok: always:false is set, and no install or persistent permissions are requested. The skill does suggest detecting install/config paths, but it does not request to be always-enabled or to modify other skills; no elevated persistence is requested.