Skill v1.0.0

ClawScan security

Text To Video Long Duration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 17, 2026, 5:27 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches a cloud video-generation purpose, but several inconsistencies and a few unclear instructions mean you should review how it obtains tokens, what it reads from disk, and what it will upload before installing.
Guidance
This skill appears to be a client for a third‑party video rendering service and will upload files and call mega-api-prod.nemovideo.ai. Before installing or invoking: (1) Decide whether you want the agent to auto‑obtain an anonymous token (the skill will call an auth endpoint if NEMO_TOKEN is not present) — if not, provide your NEMO_TOKEN yourself. (2) Confirm you are comfortable uploading the files you will send (scripts, media) to that external domain and review the service’s privacy/terms. (3) Ask the publisher to clarify the inconsistencies (supported file types, expected render time, and whether ~/.config/nemovideo/ will be accessed). (4) If you prefer tighter control, require that the skill not auto-fetch tokens and require explicit user confirmation before any file upload or token exchange.

Review Dimensions

Purpose & Capability
concern
The skill claims to produce long-form videos and documents a cloud API and upload workflow that match that purpose. However, there are mismatches: the registry metadata lists NEMO_TOKEN as a required env var, yet the SKILL.md provides an anonymous-token fallback flow (it will POST to an external endpoint to obtain a token). The description initially states support for TXT/DOCX/PDF/SRT up to 50MB, but later the API accepts many media types (mp4, jpg, mp3, etc.), and the documented render time is inconsistent (3–6 minutes vs 30–90 seconds). Also, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata reported no required config paths. These inconsistencies affect trust in what the skill actually requires.
Instruction Scope
note
Instructions are explicit about calling the mega-api-prod.nemovideo.ai endpoints, uploading user files, controlling sessions, and using SSE. Those actions are coherent for a cloud render service. Points to note: the skill instructs the agent to read the skill's YAML frontmatter at runtime and to attempt to detect the install path (~/.clawhub/, ~/.cursor/skills/), which implies filesystem checks beyond pure API calls. It also instructs automatic anonymous token acquisition if NEMO_TOKEN is missing, meaning network calls will be initiated automatically. None of these are clearly malicious, but they expand what the agent will do automatically.
Install Mechanism
ok
Instruction-only skill with no install spec or bundled code — lowest installation risk. No downloads or extracts are requested.
Credentials
concern
The skill declares a single primary credential (NEMO_TOKEN), which is proportionate for a cloud API. However, the SKILL.md both treats NEMO_TOKEN as required and documents an anonymous-token flow that will create/consume a token automatically. The frontmatter also references a config path (~/.config/nemovideo/) not reflected in the registry metadata. This mismatch (declared required env var vs automatic token generation, plus the unexpected config path) reduces clarity about what secrets or files the skill legitimately needs.
Persistence & Privilege
ok
always is false and the skill is user-invocable; it does not request persistent/privileged installation or modify other skills. It does expect to maintain a session_id in memory for the session, which is normal for a remote API client.