Skill v1.0.0

ClawScan security

Converter Best · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 5:21 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini

Summary
The skill's requests and runtime instructions largely match a cloud video-conversion integration (it wants a NEMO_TOKEN and calls nemovideo.ai endpoints), but there are a few small metadata/instruction mismatches you should be aware of before installing.
Guidance
This skill appears to do what it says: upload video files to nemovideo.ai and return converted outputs. Before installing or providing a permanent NEMO_TOKEN: (1) verify you trust the external domain (mega-api-prod.nemovideo.ai) and review that service's privacy/storage/retention policies for uploaded video content; (2) prefer using the anonymous-token flow or ephemeral/test account if you don’t want to share long-lived credentials; (3) be aware the skill may read or create a local config directory (~/.config/nemovideo/) and will save a session_id for job tracking — if you have policy constraints against writing to home config paths, ask the publisher to clarify; (4) if you need higher assurance, request the publisher to reconcile registry metadata with SKILL.md (the configPath discrepancy) and provide a link to the service homepage or source code so you can audit the API behavior and data handling.

Review Dimensions

Purpose & Capability
Note: The skill's name, description, and runtime instructions consistently describe a cloud-based video conversion service and require a single service credential (NEMO_TOKEN), which is proportionate. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) that is not declared in the registry metadata summary (the registry said no config paths). This is an inconsistency in metadata (minor) — the skill may expect or write a local config directory even though the registry didn't declare it.
Instruction Scope
Note: SKILL.md gives precise steps: use NEMO_TOKEN if present, otherwise obtain an anonymous token via an external POST, start a session, upload files, stream SSE responses, poll render status, and return download URLs. Those instructions are in-scope for a converter skill. Two items to note: (1) it instructs detecting the install platform from install paths (e.g. ~/.clawhub/, ~/.cursor/skills/), which implies reading filesystem paths, and (2) it tells the agent to save session_id (and implicitly use/refresh tokens). Neither is inherently malicious, but they are actions beyond simple message formatting — they involve local file paths and persistent session state.
Install Mechanism
OK: This is an instruction-only skill with no install spec and no code files. That is low-risk from an install/extraction perspective.
Credentials
OK: Only one required environment variable is declared (NEMO_TOKEN / primary credential), which aligns with the service the skill integrates with. The SKILL.md also documents a path to obtain an anonymous token if none is supplied, which is consistent with operation. No unrelated credentials are requested.
Persistence & Privilege
OK: always:false and normal autonomous invocation are set. The skill instructs saving session_id and reusing/refreshing tokens (expected for session management). It does not request elevated or persistent platform-wide privileges and does not ask to modify other skills/configs.