Skill v1.0.0

ClawScan security

Editor Freelance · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 5:47 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (cloud video editing) matches most of its instructions, but it asks the agent to read user filesystem locations and mentions config paths that are not consistently declared — this mismatch and the filesystem probing are unexpected and worth caution.
Guidance
This skill appears to do what it says (upload videos to a cloud backend for AI edits) but it also instructs the agent to probe certain directories in your home (~/.clawhub, ~/.cursor/skills/) and references a config path (~/.config/nemovideo/). Before installing or enabling it:
- Confirm the origin of NEMO_TOKEN and only provide a token scoped to this service; avoid using high-privilege or reusable secrets.
- Understand that uploading video files sends your footage to mega-api-prod.nemovideo.ai — review the service's privacy/retention and terms (ask the publisher if none exist).
- Ask the publisher why the skill needs to detect install paths and read those directories; this is not obviously required for editing and could reveal other local metadata.
- If you want to limit exposure, prefer using ephemeral anonymous tokens (the skill supports requesting one) and avoid supplying long-lived credentials in your environment.
- If you need stronger assurance, request the skill's source or a publisher/homepage and avoid enabling it until you can verify why it probes install dirs and how uploaded media are stored/retained.

Review Dimensions

Purpose & Capability
note
Name/description (cloud AI video editing) align with the runtime actions (upload, create session, render, download) and the single required credential NEMO_TOKEN is consistent with a backend API token. However, the frontmatter metadata also lists a config path (~/.config/nemovideo/) and the runtime instructs the agent to detect the install path by checking ~/.clawhub and ~/.cursor/skills/, which is not clearly required by the stated editing purpose.
Instruction Scope
concern
The SKILL.md instructs HTTP calls to a third-party API and uploading local video files (expected). It also instructs the agent to read this file's YAML frontmatter (reasonable) and to probe user home directories (~/.clawhub, ~/.cursor/skills/) to determine the X-Skill-Platform header. Probing those install directories accesses filesystem locations beyond what's needed to edit a provided video and isn't declared in required configPaths.
Install Mechanism
ok
Instruction-only skill with no install spec and no code files, so install risk is low. No downloads or external install steps are requested.
Credentials
concern
Only NEMO_TOKEN is required (reasonable), but the metadata and instructions reference config paths (~/.config/nemovideo/) and also suggest checking ~/.clawhub and ~/.cursor/skills/, which are not listed in requires.configPaths. The skill will upload potentially sensitive user videos to an external API (mega-api-prod.nemovideo.ai), so requiring a token and network access is proportionate — but the unexplained filesystem probes are disproportionate.
Persistence & Privilege
ok
The always flag is false and the skill is user-invocable; it does not request persistent or elevated platform-wide privileges and does not modify other skills. Normal autonomous invocation behavior applies.