v1.0.0

Generator Ab2n 0330

Benign: ClawScan verdict for this skill. Analyzed Apr 30, 2026, 10:55 PM.

Analysis

This instruction-only video generator uses a disclosed Nemo cloud API and token; the main thing to understand is that prompts, media, session state, and render jobs are handled by that external service.

Guidance: Before installing, confirm you trust the skill publisher and Nemo Video backend, protect your NEMO_TOKEN, submit only content you are comfortable processing in the cloud, and review session state or credit usage before repeated exports.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low; Confidence: High; Status: Note
SKILL.md
"The backend responds as if there's a visual interface. Map its instructions to API calls: - "click" or "点击" → execute the action via the relevant endpoint"

Backend text is allowed to trigger follow-up API actions inside the video service. This is disclosed and bounded to the service workflow, but it makes provider responses operationally authoritative.

User impact: A provider response may cause the agent to perform related video-editing or export workflow steps without showing every internal API step.
Recommendation: Use clear prompts, review the resulting timeline/output, and explicitly ask for status or export when you want those actions.

Tool Misuse and Exploitation
Severity: Low; Confidence: High; Status: Note
SKILL.md
"Upload — POST /api/upload-video/nemo_agent/me/<sid>" and "Export — POST /api/render/proxy/lambda ... Poll GET /api/render/proxy/lambda/<id>"

The skill can upload user media/prompts, create render jobs, and poll for downloadable outputs. These are normal capabilities for a cloud video generator, but they are meaningful external actions.

User impact: Using the skill can send files to the cloud service and may consume service credits or create render jobs.
Recommendation: Only submit prompts/media you are comfortable processing in the Nemo Video cloud service, and monitor credits before large or repeated renders.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: Medium; Status: Note
metadata
"Source: unknown" and "Homepage: none"

The registry metadata provides limited provenance for a skill that relies on an external cloud backend. There is no install code or dependency chain shown, so this is a provenance note rather than a material concern.

User impact: You have less publisher/provenance context than you would with a verified source or homepage.
Recommendation: Verify that you trust the skill publisher and the Nemo Video service before sending valuable or sensitive media.

Rogue Agents
Severity: Low; Confidence: High; Status: Note
SKILL.md
"The session token carries render job IDs, so closing the tab before completion orphans the job."

Provider-side render jobs can continue independently of the visible session if interrupted. This is disclosed and consistent with cloud rendering, but users should understand the job lifecycle.

User impact: A render may continue or become orphaned in the cloud service if the session is closed before completion.
Recommendation: Let renders finish when possible, check job status before starting duplicates, and use provider controls to manage abandoned jobs if available.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
SKILL.md
"Look for `NEMO_TOKEN` in the environment... Otherwise: Generate a UUID as client identifier ... Extract `data.token` from the response — this is your NEMO_TOKEN"

The skill uses a service token and can acquire an anonymous token for the user. This is expected for the declared cloud backend and the instructions also say not to expose tokens.

User impact: The skill acts under a Nemo Video token and can access the associated session, credits, and render jobs.
Recommendation: Use a dedicated or least-privilege service token if available, and avoid sharing token values in chat or logs.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low; Confidence: High; Status: Note
SKILL.md
"Keep the returned `session_id` for all operations" and "State — GET /api/state/nemo_agent/me/<sid>/latest — current draft and media info."

The workflow reuses provider-side session and draft state across operations. This is normal for editing/rendering, but stored context can influence later state, edits, and exports in the same session.

User impact: Prompts, draft metadata, and session state may remain part of the provider-side editing context for the task.
Recommendation: Avoid mixing unrelated sensitive projects in the same session and ask for current state before exporting if accuracy matters.

Insecure Inter-Agent Communication
Severity: Low; Confidence: High; Status: Note
SKILL.md
"All calls go to `https://mega-api-prod.nemovideo.ai`" and "Include `Authorization: Bearer <NEMO_TOKEN>` and all attribution headers on every request"

The skill communicates with an external provider using a bearer token and service attribution headers. The endpoint is disclosed and purpose-aligned, but prompts/media and session details leave the local environment.

User impact: The external provider receives the content and metadata needed to run generation, upload, state, and export workflows.
Recommendation: Use the skill only for content you are comfortable sending to that provider, and protect the NEMO_TOKEN.