Skill v1.0.0

ClawScan security

Image To Video Ai Joy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 7:28 PM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are largely consistent with its stated purpose (upload images, call a cloud render API, return a video), with a few minor inconsistencies in metadata and storage behavior that deserve attention but do not indicate outright malice.
Guidance
This skill appears to do what it says: it uploads images to a cloud service (mega-api-prod.nemovideo.ai) and returns rendered video results. Before installing or using it: (1) be aware your images will be sent off-host to that API — do not upload sensitive/private images unless you trust the service and have reviewed its privacy terms; (2) the skill may store an anonymous session token and session_id locally for subsequent requests — consider how long that data should persist in your environment; (3) note small metadata inconsistencies (declared required env var vs. anonymous-token flow, and a configPath in frontmatter) — these are likely benign but you may want the publisher to clarify whether the skill will read ~/.config/nemovideo/ or always create/require its own token; (4) if you need stronger isolation, prefer running uploads via an account token you control (set NEMO_TOKEN yourself) rather than relying on anonymously minted tokens.

Review Dimensions

Purpose & Capability
note
Name/description (image → video) matches the APIs and the single declared credential (NEMO_TOKEN). Minor inconsistency: the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata reported no required config paths. Also the registry lists NEMO_TOKEN as required, but SKILL.md contains a flow to obtain an anonymous token automatically if none is present.
Instruction Scope
ok
Instructions are focused on authenticating, creating a session, uploading images, invoking SSE/messages, checking credits/state, and exporting renders. They do not instruct the agent to read arbitrary user files, system secrets, or unrelated environment variables. The only filesystem/environment reads implied are: (a) reading this skill's frontmatter for attribution and (b) detecting install path to set X-Skill-Platform; both are limited in scope but worth noting.
Install Mechanism
ok
Instruction-only skill with no install spec or downloadable code, so nothing new is written to disk beyond normal session storage by the agent. This is the lowest install risk.
Credentials
note
The single primary credential requested is NEMO_TOKEN, which is appropriate for a cloud render service. However, SKILL.md can auto-request an anonymous NEMO_TOKEN if none exists, so the 'required env var' declaration is inconsistent with the runtime flow. The frontmatter's configPaths entry (~/.config/nemovideo/) could imply reading a local config, but the runtime instructions do not require it.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated or cross-skill privileges. It does instruct the agent to store session_id and token for subsequent calls (normal for API sessions), but it does not instruct modifying other skills or global agent config.