Skill v1.0.0
ClawScan security
Generation Editor Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 5:47 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (cloud video generation) matches most of its runtime instructions, but there are inconsistencies and a few behaviours (automatic token issuance, filesystem/install-path probing, and unclear storage of session/token) that warrant caution before installing or using it with sensitive content.
- Guidance: This skill appears to do what it says (upload clips to a cloud service, render, and return a download), but there are a few things to weigh before installing or using it:
  - Your videos and any uploaded files will be sent to https://mega-api-prod.nemovideo.ai. Only upload content you are comfortable sharing with that external service.
  - If you don't provide NEMO_TOKEN, the skill will automatically request an anonymous token from the service and use it; that means the skill will make outbound network calls on first use without asking for a separate API key.
  - The SKILL.md instructs the agent to probe install paths (e.g., ~/.clawhub or ~/.cursor/skills) and mentions a local config path (~/.config/nemovideo/) in its frontmatter. The registry metadata did not list any config paths; this mismatch is notable. Confirm whether the skill will read or write files in your home directory before using it.
  - The skill says to 'store' session_id and tokens but does not specify where or for how long. Ask for clarification or source code to confirm whether secrets are stored encrypted and where they live.
  - If you care about privacy/security: ask the publisher for a privacy policy and data-retention policy for uploaded media, or prefer to use your own API token (NEMO_TOKEN) from a trusted account rather than letting the skill obtain an anonymous token.
  - If you want to proceed: limit uploads to non-sensitive content, verify the nemovideo.ai service, and request the skill's source or an explicit explanation of where session/token data is persisted.
Review Dimensions
- Purpose & Capability (ok): The skill claims to generate/edit videos via a cloud backend and the SKILL.md describes exactly that: uploading clips, creating render jobs, and downloading processed MP4s. Requiring an API token for the external service (NEMO_TOKEN) is consistent with the stated purpose.
- Instruction Scope (concern): The instructions go beyond simple API calls: they instruct the agent to automatically obtain an anonymous token (POST to an external endpoint) if NEMO_TOKEN is not set, to upload user files (multipart or URL) to the external service, and to detect the install path (checking ~/.clawhub/ or ~/.cursor/skills/) to populate attribution headers. The skill also says to 'store the returned session_id' but does not specify where (in memory, on disk, or in agent config). Probing install paths and storing tokens/session IDs are scope-expanding actions the user should be aware of.
- Install Mechanism (ok): This is an instruction-only skill with no install specification and no code files, so nothing is written to disk by an installer. That minimizes install-time risk.
- Credentials (note): The only declared required env var is NEMO_TOKEN, which is appropriate for a cloud video service. However, SKILL.md describes automatic anonymous token issuance (so NEMO_TOKEN is optional in practice), and the frontmatter inside SKILL.md references a config path (~/.config/nemovideo/) even though registry metadata lists no required config paths; this inconsistency could affect what local files the skill expects or reads.
- Persistence & Privilege (concern): The skill instructs storing session_id and relies on a token for subsequent requests but does not specify storage location or retention policy. It also probes common install paths to set an attribution header. Those behaviors imply the skill may read/write to the user environment beyond ephemeral memory; although it does not request 'always: true', the ambiguity about where tokens/session IDs are persisted is a risk to consider.
