Skill v1.0.0

ClawScan security

Generation Text Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 6:12 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches its stated purpose (upload text/files to a remote video generation API) but the runtime instructions ask the agent to inspect local install/config paths that weren’t declared and to upload user files to an external service — these mismatches and filesystem access deserve clarification before installing.
Guidance
What to consider before installing:
- This skill will upload user files (documents, videos) and prompts to a remote service at mega-api-prod.nemovideo.ai for processing. Only use it with content you are comfortable sending to an external server.
- It prefers a NEMO_TOKEN but can mint an anonymous token by calling the service; consider using a short-lived or throwaway token if you don't want to store persistent credentials.
- The SKILL.md asks the agent to detect install paths and references a local config directory (~/.config/nemovideo/). The registry metadata did not declare those config path requirements; ask the developer to confirm whether the skill will read local files and why. If it does read local configs, get specifics on what files are accessed and why.
- Ask the developer / provider about data retention, access controls, and where generated media and uploaded files are stored. Also ask for a privacy/security policy for the endpoint domain.
- If you need to process sensitive content, avoid sending it until you get clear answers. If you proceed, prefer ephemeral/anonymous tokens and do not store long-lived secrets in your environment without verifying the provider.

Review Dimensions

Purpose & Capability
note: The skill's name and description (generate text-driven video content) align with the API endpoints and flows described (session creation, SSE text generation, upload, render/export). Requesting a NEMO_TOKEN is proportionate for an authenticated remote service. However, the SKILL.md frontmatter also lists a config path (~/.config/nemovideo/), and the runtime text instructs detecting install paths (~/.clawhub/, ~/.cursor/skills/) to set X-Skill-Platform; filesystem inspection of those paths is outside the stated purpose and is not reflected in the registry metadata (the registry reported no required config paths). This mismatch is unexpected.
Instruction Scope
concern: The SKILL.md instructs connecting to an external API, uploading user files (TXT, DOCX, PDF, MP4 up to 200MB), generating anonymous tokens if NEMO_TOKEN is absent, and saving session_id for further calls; these are consistent with the feature. Concern: the instructions explicitly direct the agent to detect the agent's install path and to use/inspect local config paths to populate headers (X-Skill-Platform), which implies reading filesystem paths/config not declared elsewhere. The skill also instructs polling state and persistent session storage; the agent will therefore transmit user content and metadata to an external host (mega-api-prod.nemovideo.ai). That is expected for this feature but is a notable privacy/security surface; users should confirm the trustworthiness and retention policy of that endpoint.
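The mismatch flagged in the two dimensions above (paths and a host that the frontmatter and runtime text reference but the registry never declared) can be checked mechanically before a skill is installed. The script below is an added example written for this page; it is not ClawHub's scanner and not the skill's own code. The SKILL.md text, the registry dictionary, the field names configPaths and allowedHosts, and the "ok" verdict label are constructed assumptions; the paths, host, env var and always:false value are taken from this report.

```python
import re
from dataclasses import dataclass

# Constructed SKILL.md modelled on what this report describes: frontmatter
# declaring one config path, runtime text that probes install paths, mints an
# anonymous token and calls an external host. It is not the real skill file.
SAMPLE_SKILL_MD = """---
name: generation-text-generator
version: 1.0.0
primaryEnv: NEMO_TOKEN
always: false
configPaths:
  - ~/.config/nemovideo/
---
# Usage
Reuse a saved token from ~/.config/nemovideo/ if present. If NEMO_TOKEN is
unset, request an anonymous token from https://mega-api-prod.nemovideo.ai/v1/session
and save the session_id for later calls. Detect the install path (~/.clawhub/ or
~/.cursor/skills/) and send it as the X-Skill-Platform header. Upload TXT, DOCX,
PDF or MP4 files (up to 200MB) to the upload endpoint.
"""

# Constructed registry metadata mirroring the report's finding that the registry
# declared no config paths; "allowedHosts" is an assumed field name.
REGISTRY_METADATA = {"primaryEnv": "NEMO_TOKEN", "configPaths": [], "allowedHosts": []}

PATH_RE = re.compile(r"(?:~|\$HOME)/[\w./-]*")          # home-relative paths
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")        # host part of a URL
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b")    # SCREAMING_SNAKE env names


@dataclass
class Finding:
    severity: str   # "concern" or "note", mirroring the report's labels
    dimension: str  # which review dimension the finding belongs to
    detail: str


def parse_frontmatter(text):
    """Split '---' frontmatter from the body; parses only 'key: value' and '- item' lists."""
    if not text.startswith("---"):
        return {}, text
    _, fm, body = text.split("---", 2)
    meta, current = {}, None
    for raw in fm.splitlines():
        if not raw.strip():
            continue
        if raw.lstrip().startswith("- ") and current is not None:
            meta[current].append(raw.lstrip()[2:].strip())
            continue
        key, _, value = raw.partition(":")
        current = key.strip()
        meta[current] = value.strip() if value.strip() else []
    return meta, body


def normalize(path):
    """Canonical form for comparing paths: $HOME -> ~, no trailing slash."""
    return path.replace("$HOME", "~").rstrip("/")


def audit_skill(skill_md, registry):
    """Compare declared metadata against what the runtime instructions actually touch."""
    meta, body = parse_frontmatter(skill_md)
    findings = []

    # 1. Frontmatter vs registry: config paths the registry summary never showed.
    declared = {normalize(p) for p in meta.get("configPaths", [])}
    in_registry = {normalize(p) for p in registry.get("configPaths", [])}
    for p in sorted(declared - in_registry):
        findings.append(Finding("note", "Purpose & Capability",
                                f"frontmatter declares config path {p} but registry metadata does not"))

    # 2. Runtime text vs frontmatter: filesystem paths the instructions reference.
    referenced = {normalize(p) for p in PATH_RE.findall(body)}
    for p in sorted(referenced - declared):
        findings.append(Finding("concern", "Instruction Scope",
                                f"instructions reference undeclared filesystem path {p}"))

    # 3. External hosts that user content will be sent to.
    for host in sorted(set(URL_RE.findall(body)) - set(registry.get("allowedHosts", []))):
        findings.append(Finding("concern", "Instruction Scope",
                                f"instructions send data to external host {host} not listed in registry"))

    # 4. Credentials: env vars beyond primaryEnv, and token-minting fallbacks.
    primary = meta.get("primaryEnv") or registry.get("primaryEnv")
    for name in sorted(set(ENV_RE.findall(body)) - {primary}):
        findings.append(Finding("concern", "Credentials",
                                f"instructions reference env var {name} other than primaryEnv {primary}"))
    if re.search(r"anonymous token", body, re.IGNORECASE):
        findings.append(Finding("note", "Credentials",
                                "instructions mint an anonymous token when the declared env var is absent"))
    return meta, findings


def verdict(findings):
    """Any 'concern' makes the skill suspicious; 'ok' is an assumed label for the clean case."""
    return "suspicious" if any(f.severity == "concern" for f in findings) else "ok"


if __name__ == "__main__":
    _, found = audit_skill(SAMPLE_SKILL_MD, REGISTRY_METADATA)
    for f in found:
        print(f"[{f.severity}] {f.dimension}: {f.detail}")
    print("verdict:", verdict(found))
```

On the constructed input the audit reproduces this report's shape: the declared ~/.config/nemovideo/ path is only a note (it was declared, just not surfaced by the registry), while the two install paths and the nemovideo.ai host are concerns because nothing declared them. The check is deliberately narrow: it only sees home-relative paths and scheme-prefixed URLs, so a SKILL.md that hides a host behind a bare domain or builds paths at runtime still needs a human read.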
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That reduces installation risk. Runtime behavior still performs network calls and may read local paths as described above.
Credentials
concern: The declared primaryEnv is NEMO_TOKEN, which is appropriate for authenticating with the described API. However, the SKILL.md frontmatter and runtime text imply reading a local config directory (~/.config/nemovideo/) and install paths to set headers; those filesystem accesses were not declared in the registry metadata summary. Requiring access to local config paths or arbitrary filesystem locations would be disproportionate for a pure API client unless used to reuse an existing NEMO_TOKEN; the skill should explicitly declare any config paths it will read.
Persistence & Privilege
ok: always:false and normal agent invocation are used. The skill saves session_id/state for interacting with the remote API, which is reasonable for this workflow. There is no instruction to modify other skills or system-wide settings. No forced always-on privilege is requested.