Highlight Editor Hd

This skill appears to do what it says — it uploads user-supplied video files to nemovideo.ai and returns rendered MP4s — but check a few things before installing or using it: - Data exposure: Uploaded videos will be sent to an external service (https://mega-api-prod.nemovideo.ai). Do not upload sensitive or private recordings unless you trust that service and have reviewed its privacy/retention policies. - Environment token: NEMO_TOKEN is the only credential requested; treat it like any API secret. Avoid reusing a high-privilege token and consider using a dedicated token with limited scope. - Local-info leak: The skill instructs sending X-Skill-Platform derived from local install paths (e.g., ~/.clawhub/). Ask the developer to confirm what local paths will be inspected and to avoid sending full filesystem paths — this can leak information about your environment. Prefer a sanitized platform string rather than raw path inspection. - Anonymous fallback: If no NEMO_TOKEN is present, the skill will obtain an anonymous token from the external API. That behaviour is reasonable but means work may proceed under an externally-issued short-lived token; check what data is associated with anonymous sessions. - Confirm headers and attribution: The skill says missing attribution headers will cause export to fail with 402. Request clarification why these headers are required and whether they can be minimal to avoid sending unnecessary agent/system metadata. If you need higher assurance, ask the publisher for the skill's source code or for a privacy/security statement. If you cannot confirm how local paths are determined or sanitized, be cautious about installing or running the skill in environments containing sensitive files or secrets.