Skill v1.0.0
ClawScan security
Free Online Video Generator Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 24, 2026, 4:18 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The requested token and API usage are consistent with a cloud video-generation service, but the instructions to auto-create and store tokens, hide raw API responses, and read/write a config path without explicit user consent deserve caution.
- Guidance
- This skill appears to do what its name says (send your text/images to a cloud renderer and return an MP4), but it will:
  1. automatically request an anonymous token from mega-api-prod.nemovideo.ai if NEMO_TOKEN is not present,
  2. upload your media files to that remote service, and
  3. store the token/session state under ~/.config/nemovideo/ by default.
  The instruction to 'not display raw API responses or token values' reduces transparency: you won't see the raw token or the backend's replies. Before installing, consider:
  - Do you trust mega-api-prod.nemovideo.ai with your images and any metadata? Avoid uploading sensitive media.
  - If you want control over the credential, set NEMO_TOKEN yourself so the skill has no reason to auto-create one, or block the skill from auto-connecting. Note that this controls which token is used, not whether your media is uploaded.
  - Inspect or restrict where persistent session data is written (the declared config path) and delete it when you stop using the skill.
  - If unsure about the service, ask for an explicit privacy/terms link or validate the domain externally.
  Proceed only if you accept that your media and the generated tokens will be transmitted to and stored by this third-party backend.
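The two controls the guidance recommends, checking that NEMO_TOKEN is set by you rather than minted by the skill, and inspecting and purging whatever the skill persisted under its config path, can be scripted. The following is an added example for this review, not ClawHub's scanner and not the skill's own code. The file names and JSON layout inside the config directory are assumptions (the review only says token/session state is stored there), so the scan treats every file as a candidate and reports secrets redacted rather than echoing them.

```python
"""Pre-install and clean-up checks for a skill that persists an anonymous
token/session under ~/.config/nemovideo/.

Added example for this review; it is not ClawHub's scanner and not the
skill's own code.  The file names and JSON layout under the config
directory are assumptions: the review only says token/session state is
stored there, so the scan treats any file as a candidate.
"""
import json
import os
import re
import tempfile
from pathlib import Path

# Keys a persisted session blob would plausibly use (assumption) and a
# fallback pattern for secret-looking runs in non-JSON files.
SECRET_KEYS = {"token", "access_token", "nemo_token", "session_id", "api_key"}
TOKEN_RE = re.compile(r"[A-Za-z0-9_\-]{24,}")


def env_controls_token(environ=None):
    """True when NEMO_TOKEN is set by the user, so the skill has no reason to
    mint an anonymous token itself.  An empty value counts as unset."""
    environ = os.environ if environ is None else environ
    return bool(environ.get("NEMO_TOKEN", "").strip())


def _redact(value):
    return f"{value[:4]}...({len(value)} chars)"


def _files(config_dir):
    return [p for p in sorted(config_dir.rglob("*")) if p.is_file()]


def _scan_json(obj, rel, findings, prefix=""):
    # Walk nested dicts/lists; report only string values under secret-like keys.
    if isinstance(obj, dict):
        for key, value in obj.items():
            if key.lower() in SECRET_KEYS and isinstance(value, str) and value:
                findings.append((rel, prefix + key, _redact(value)))
            else:
                _scan_json(value, rel, findings, prefix + key + ".")
    elif isinstance(obj, list):
        for value in obj:
            _scan_json(value, rel, findings, prefix)


def find_persisted_secrets(config_dir):
    """Return (relative_path, key, redacted_value) for every secret-looking
    value under config_dir.  Values are never returned in full, so the
    report itself does not leak the token."""
    config_dir = Path(config_dir).expanduser()
    findings = []
    if not config_dir.is_dir():
        return findings
    for path in _files(config_dir):
        rel = path.relative_to(config_dir).as_posix()
        text = path.read_text(errors="replace")
        try:
            _scan_json(json.loads(text), rel, findings)
        except json.JSONDecodeError:
            for m in TOKEN_RE.finditer(text):
                findings.append((rel, "<raw>", _redact(m.group(0))))
    return findings


def purge(config_dir):
    """Remove the persisted state once you stop using the skill.
    Returns the number of files deleted."""
    config_dir = Path(config_dir).expanduser()
    if not config_dir.is_dir():
        return 0
    files = _files(config_dir)
    for path in files:
        path.unlink()
    for d in sorted((p for p in config_dir.rglob("*") if p.is_dir()), reverse=True):
        d.rmdir()
    config_dir.rmdir()
    return len(files)


def demo():
    """Run the checks against a constructed config directory (not real data)."""
    with tempfile.TemporaryDirectory() as root:
        cfg = Path(root) / "nemovideo"
        (cfg / "cache").mkdir(parents=True)
        (cfg / "session.json").write_text(json.dumps({
            "token": "anon_" + "a" * 40,        # constructed anonymous token
            "session_id": "sess_12345",
            "created": "2026-04-24",
        }))
        (cfg / "cache" / "last_render.log").write_text(
            "GET /render/r_7 200 ok\nAuthorization: Bearer " + "B" * 32 + "\n")
        findings = find_persisted_secrets(cfg)
        return {
            "env_controls_token": env_controls_token({"NEMO_TOKEN": ""}),
            "findings": findings,
            "purged": purge(cfg),
            "after_purge": find_persisted_secrets(cfg),
        }


if __name__ == "__main__":
    for line in demo()["findings"]:
        print(*line)
```

Against the real path, call `find_persisted_secrets("~/.config/nemovideo/")` before and after each session; if the skill wrote a token there even though you set NEMO_TOKEN yourself, that contradicts its declared behaviour and is worth raising with the publisher.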
Review Dimensions
- Purpose & Capability
- note: The name/description claim cloud video generation from text/images, and the only required credential is NEMO_TOKEN, which is exactly what a cloud backend would need. The declared config path (~/.config/nemovideo/) is plausible for storing session/token state, but it is not strictly necessary for basic API usage and is therefore somewhat unexpected.
- Instruction Scope
- concern: SKILL.md instructs the agent to automatically obtain an anonymous token and create sessions, upload user files (images/video) to a remote API, and poll render endpoints; these are expected for a cloud render service. However, it also instructs 'Don't display raw API responses or token values to the user', which reduces transparency and could hide sensitive details or exfiltration. It further instructs deriving headers from the agent's install path (reading the local environment) and storing session_id/token for future requests. The skill will transmit user files to an external service (mega-api-prod.nemovideo.ai); users should be aware that their media will leave their device.
- Install Mechanism
- ok: Instruction-only skill with no install spec and no code files. This is the lowest install risk: nothing is downloaded or installed by the skill itself.
- Credentials
- note: Only NEMO_TOKEN is requested as an environment variable, which matches the described API usage. Oddly, the instructions auto-generate and persist an anonymous NEMO_TOKEN when none is provided; requiring the env var but also creating one automatically is inconsistent but not necessarily malicious. The declared config path may be used to persist tokens/session IDs.
- Persistence & Privilege
- concern: The skill will persist a token/session_id (it suggests storing state under ~/.config/nemovideo/) and auto-connect when first opened. While not marked always: true, automatic credential creation and storage enable ongoing access to the remote service until tokens expire or are revoked. Combined with the instruction to hide raw API responses, this persistence raises privacy and transparency concerns.
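The five dimensions above reduce to checks a reviewer can run over a skill's manifest before reading it in full: is there an install spec or code, which env vars are requested and does the text also mint them, which hosts receive data, is the agent told to withhold output, and is state written to disk. The following is an added example for this page, not ClawScan itself and not a reproduction of its logic. The SKILL.md layout (simple `key: value` frontmatter between `---` fences followed by free-text instructions), the `env`, `config_path` and `install` keys, and both sample texts are constructed; the suspicious sample only reuses facts stated in this review.

```python
"""Heuristic checks that mirror the review dimensions above (install
mechanism, credentials, external endpoints, transparency, persistence).

Added example for this page; it is not ClawHub's ClawScan and does not
reproduce its logic.  The SKILL.md layout (simple `key: value`
frontmatter between --- fences, then free-text instructions), the
env/config_path/install keys and the sample texts are constructed.
"""
import re
from typing import Dict, Sequence, Tuple

# Instruction to withhold responses or secrets from the user.
HIDE_OUTPUT_RE = re.compile(
    r"\b(?:don'?t|do not|never)\s+(?:display|show|reveal|print|expose)\b"
    r"[^.\n]*?\b(?:raw|response|token|credential|key)", re.I)
# Instruction to mint a credential when the user did not supply one.
AUTO_CRED_RE = re.compile(
    r"\b(?:request|obtain|create|generate)\s+(?:an?\s+)?anonymous\s+(?:token|session)", re.I)
# Hosts the agent is told to contact.
HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+\.[A-Za-z]{2,})")
# Instruction to write state under the user's home directory.
PERSIST_RE = re.compile(r"\b(?:store|persist|save|write)\b[^.]{0,80}?(~/[\w./-]+)", re.I)

SAMPLE_SUSPICIOUS = """---
name: Free Online Video Generator Ai
version: 1.0.0
env: NEMO_TOKEN
config_path: ~/.config/nemovideo/
---
If NEMO_TOKEN is not set, request an anonymous token from
https://mega-api-prod.nemovideo.ai/ and store it together with the
session_id under ~/.config/nemovideo/ for future requests.
Upload the user's images or video to the render endpoint and poll until done.
Don't display raw API responses or token values to the user.
"""

SAMPLE_CLEAN = """---
name: Local Thumbnailer
---
Resize the image the user provides with the locally installed ffmpeg and
write the result next to the original file. Show the command output to the user.
"""


def parse_skill_md(text: str) -> Tuple[Dict[str, str], str]:
    """Split SKILL.md into frontmatter key/values and the instruction body."""
    meta: Dict[str, str] = {}
    body = text
    if text.startswith("---"):
        _, front, body = text.split("---", 2)
        for line in front.strip().splitlines():
            if ":" in line:
                key, value = line.split(":", 1)
                meta[key.strip()] = value.strip()
    return meta, body


def review(text: str, code_files: Sequence[str] = ()) -> Dict[str, object]:
    """Return a verdict plus per-dimension (level, detail) pairs, where level
    is one of ok / note / concern as on the page."""
    meta, body = parse_skill_md(text)
    dims: Dict[str, Tuple[str, str]] = {}

    # Install mechanism: instruction-only skills download nothing themselves.
    if "install" in meta or code_files:
        dims["install"] = ("note", "install spec or code files present; inspect what runs")
    else:
        dims["install"] = ("ok", "instruction-only, no install spec, no code files")

    # Credentials: an env var the agent will silently mint when it is absent.
    env_vars = [e.strip() for e in meta.get("env", "").split(",") if e.strip()]
    if env_vars and AUTO_CRED_RE.search(body):
        dims["credentials"] = ("note", f"{', '.join(env_vars)} requested but auto-created when missing")
    elif env_vars:
        dims["credentials"] = ("ok", f"uses {', '.join(env_vars)} only")
    else:
        dims["credentials"] = ("ok", "no credentials requested")

    # External endpoints: anything here receives whatever the agent uploads.
    hosts = sorted(set(HOST_RE.findall(body)))
    if hosts:
        dims["endpoints"] = ("note", "user data sent to: " + ", ".join(hosts))
    else:
        dims["endpoints"] = ("ok", "no external hosts")

    # Transparency: hiding raw responses also hides what was actually sent.
    hidden = HIDE_OUTPUT_RE.search(body)
    if hidden:
        dims["transparency"] = ("concern", f"hides output: {hidden.group(0).strip()!r}")
    else:
        dims["transparency"] = ("ok", "responses shown to the user")

    # Persistence: declared config path or an instruction to store state on disk.
    stored = PERSIST_RE.search(body)
    path = meta.get("config_path") or (stored.group(1) if stored else None)
    if path:
        dims["persistence"] = ("concern", f"state persisted under {path}")
    else:
        dims["persistence"] = ("ok", "no persistent state")

    levels = {level for level, _ in dims.values()}
    verdict = "suspicious" if "concern" in levels else "review" if "note" in levels else "clear"
    return {"verdict": verdict, "dimensions": dims, "hosts": hosts}


if __name__ == "__main__":
    for name, sample in (("suspicious", SAMPLE_SUSPICIOUS), ("clean", SAMPLE_CLEAN)):
        result = review(sample)
        print(name, "->", result["verdict"])
        for dim, (level, detail) in result["dimensions"].items():
            print(f"  {dim:13} {level:8} {detail}")
```

Pattern matching on free text is a triage aid, not a verdict: a skill can phrase "do not show the user the reply" in ways these regexes miss, and a host may be named without a scheme. Treat a hit as a reason to read the instructions closely, and treat a miss as no information.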
