Skill v1.0.0

ClawScan security

Music Ab2n 0330 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 27, 2026, 3:15 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requested access and runtime instructions are generally consistent with a cloud music-video rendering service, but there are minor mismatches (an unexplained config path and automatic anonymous-token flow) and the backend is an externally hosted API with no public homepage — review before uploading private content or reusing credentials.
Guidance
This skill uploads your audio and related metadata to an external service (mega-api-prod.nemovideo.ai) and either uses an existing NEMO_TOKEN from your environment or will obtain a short-lived anonymous token for you. Before installing or using it: (1) Confirm you trust the remote domain and understand its privacy/retention policy — don't upload private/confidential audio unless you trust the service. (2) If you already have a NEMO_TOKEN, prefer using it rather than letting the skill obtain an anonymous token. (3) Ask the author why the metadata declares ~/.config/nemovideo/ as a required config path (the SKILL.md doesn't explain reading it). (4) If you are uncomfortable with the skill probing install paths or contacting an unknown backend, do not enable it. Additional information that would raise confidence: a public homepage or documentation for the backend, privacy/retention terms, and clarification about the purpose of the declared config path.

Review Dimensions

Purpose & Capability
note: Name/description (turn audio into videos) align with the required credential NEMO_TOKEN and the described API endpoints for upload, render, and export. One minor inconsistency: metadata declares a required config path (~/.config/nemovideo/) but the SKILL.md does not explain reading or needing that config directory.
Instruction Scope
note: SKILL.md stays within the stated purpose: it instructs uploading user audio, creating sessions, streaming SSE edits, polling render status, and returning download URLs. It also instructs generating an anonymous token via a POST to the vendor API when NEMO_TOKEN is absent — this is expected for an anonymous/credit flow but means the skill will contact an external service and transmit a UUID and uploaded media. The instructions also ask the agent to read the file's YAML frontmatter for attribution and to detect the install path (probing ~/.clawhub or ~/.cursor/skills/), which requires checking the user's filesystem; this is plausible for attribution but is additional file-system access beyond simple upload.
Install Mechanism
ok: No install spec or code is present — instruction-only skill. This is the lowest install risk; nothing will be written to disk by an install step. Runtime network calls are the main surface area.
Credentials
note: Only one declared environment variable (NEMO_TOKEN / primaryEnv) is required, which is proportional to a cloud API service. The metadata's configPaths entry (~/.config/nemovideo/) is unexplained by the SKILL.md and could imply additional local config access; that mismatch is worth questioning.
Persistence & Privilege
ok: "always" is false and the skill does not request elevated or persistent system privileges. Autonomous invocation is allowed (platform default) but not combined with other high-privilege requests here.