Skill v1.0.0
ClawScan security
Editor Highlights · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 6:17 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's claimed purpose (cloud video highlight extraction) matches most instructions, but there are small inconsistencies and scope-creep signals (install-path/config detection and implicit filesystem access) that you should be aware of before installing.
- Guidance: This skill appears to do what it says (upload video, run cloud GPU renders, return MP4s), but a few things to check before using it:
  - It requires a NEMO_TOKEN bearer token. Prefer using the anonymous-token flow the skill documents rather than supplying a long-lived secret in your environment. Do not reuse other sensitive tokens.
  - The SKILL.md references local install/config paths (~/.config/nemovideo/, ~/.clawhub/, ~/.cursor/skills/) and derives X-Skill-Platform from the agent's install path — that implies the agent may check filesystem locations to set headers. If you are uncomfortable with the skill inspecting your home directory/agent install paths, avoid installing it or run it with limited filesystem access.
  - Uploaded videos (and any metadata) will be sent to https://mega-api-prod.nemovideo.ai — review the service's privacy/security policies and understand how long files or rendered outputs are retained.
  - Because the skill can act autonomously, consider the scope of operations you allow it (uploads, exports). If you need stronger controls, only invoke it interactively and avoid storing your own global NEMO_TOKEN in an agent-wide environment variable.
  If you want, I can list concrete mitigations (example ephemeral token flow, sandboxing recommendations, or a checklist of questions to ask the service owner) before you proceed.
Review Dimensions
- Purpose & Capability (note): The name/description describe a cloud-based video highlight extractor, and the SKILL.md instructs the agent to create jobs, upload videos, and retrieve rendered MP4s from a remote API. Asking for a single service token (NEMO_TOKEN) is proportionate to that purpose. No unrelated credentials or binaries are requested.
- Instruction Scope (concern): Most instructions stay within video upload, session creation, SSE streaming, and export flows. However, the SKILL.md requires building headers that include X-Skill-Platform derived from the agent's install path and references a local config path (~/.config/nemovideo/). That implies the agent may be expected to inspect local filesystem locations to determine platform/install path — a minor scope creep beyond simply uploading user-provided video files. The doc also instructs using local file path uploads (multipart -F "files=@/path"), which requires local file access when uploading; that's expected for uploads but worth noting because the skill metadata and registry disagree about required config paths.
- Install Mechanism (ok): This is instruction-only with no install spec or code files, so nothing is written to disk by the skill itself. That minimizes install risk.
- Credentials (note): Only one environment variable is required (NEMO_TOKEN), and it directly maps to the described API. The SKILL.md also documents a way to obtain an anonymous token via the external API, which reduces the need to supply a permanent secret. Still, granting a skill access to a bearer token for an external service is sensitive — the token allows the skill to create uploads and render jobs for the account tied to that token.
- Persistence & Privilege (note): always:false and model invocation allowed (normal). The skill asks the agent to save session_id and reuse session tokens, which is expected for job tracking. There is no request to modify other skills or global agent settings. The only potential privilege concern is the X-Skill-Platform header derivation (requires knowledge of the install path), which could allow the skill to probe for certain local paths; this is not an explicit privilege request but is implied by the instructions.
