Skill v1.0.0
ClawScan security
Ai Ai Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 18, 2026, 3:19 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly behaves like an AI video editor that calls a remote API using a single token, but there are inconsistencies and privacy-relevant behaviors (uploading user videos to an external domain and an undeclared config path) that warrant caution.
- Guidance: This skill will upload whatever video/audio you provide to a third-party API at mega-api-prod.nemovideo.ai and uses a NEMO_TOKEN (or obtains a short-lived anonymous token) to do so. Before installing or using it: (1) confirm you trust that external service and are comfortable sending your footage off-device (do not upload sensitive/confidential videos), (2) ask the publisher why SKILL.md references ~/.config/nemovideo/ and local install paths (this is not declared in the registry), and (3) avoid setting a long-lived or highly privileged NEMO_TOKEN unless you understand what account it grants access to. If you need higher assurance, request the skill’s source or a privacy/security policy from the author, or test with non-sensitive sample videos first.
Review Dimensions
- Purpose & Capability (note): Name/description align with the instructions: the skill routes uploads and edit requests to a remote video-processing API and requires a NEMO_TOKEN. However, the SKILL.md metadata lists a config path (~/.config/nemovideo/) that is not reflected in the registry's declared required config paths; this discrepancy should be explained by the author.
- Instruction Scope (concern): The runtime instructions direct the agent to upload user-provided video/audio/files to https://mega-api-prod.nemovideo.ai and to generate or use NEMO_TOKENs and session IDs. They also describe deriving an X-Skill-Platform value by checking install paths (e.g., ~/.clawhub/, ~/.cursor/skills/), which implies inspecting local paths. Transmitting raw user video to a third-party service and inspecting install paths are privacy-sensitive actions and should be clearly disclosed and justified.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. This is the lowest-risk install model.
- Credentials (note): The skill only requires a single credential (NEMO_TOKEN), which fits the declared purpose. Caveat: SKILL.md's metadata mentions a config path (~/.config/nemovideo/) and the instructions read local install paths to set an attribution header; those accesses are not listed in the registry metadata and may expose local environment details.
- Persistence & Privilege (ok): The skill is not force-included (always:false) and is user-invocable. It asks to save a session_id from the API, which is reasonable for session continuity; there is no instruction to modify other skills or system-wide configuration. Autonomous invocation is allowed by default but is not by itself a problem.
