Skill v1.0.0
ClawScan security
Free Nemo Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 19, 2026, 10:26 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are generally consistent with a cloud video-editing integration, but there are a few minor inconsistencies and privacy-relevant behaviors you should understand before use.
- Guidance: This skill appears to do what it says (cloud-based video editing) and only requests one credential (NEMO_TOKEN). Before installing or using it, consider:
  1) Privacy: your videos will be uploaded to https://mega-api-prod.nemovideo.ai; only upload content you are comfortable sending to a third party.
  2) Verify origin: source/homepage is unknown; confirm the provider and read its privacy/terms.
  3) Token handling: if you don't have a NEMO_TOKEN the skill will request an anonymous token from the service; that gives the service access to any uploaded videos for the token lifetime (about 7 days).
  4) Filesystem access: the SKILL.md suggests detecting install paths and reading YAML frontmatter; ask the author why that is needed and whether it can be avoided.
  5) Minimize risk: prefer using an anonymous account or disposable token, avoid placing long-lived secrets in shared environment variables, and do not upload sensitive private content unless you trust the service.

  If you need higher assurance, request the skill author provide a homepage, privacy policy, or source repository to verify the backend and behavior.
Review Dimensions
- Purpose & Capability (note): Name/description match the instructions: the skill uploads user video clips to a NemoVideo cloud API, creates sessions, queues render jobs, and returns download URLs. Requesting a NEMO_TOKEN credential is appropriate for authenticating to that API. However, the SKILL.md frontmatter mentions a config path (~/.config/nemovideo/) while the registry metadata listed no required config paths; this is an inconsistency worth confirming with the author.
- Instruction Scope (note): Instructions are explicit about network calls (anonymous-token endpoint, session creation, upload, SSE, render/polling). They also instruct the agent to derive attribution headers from the YAML frontmatter and to detect an install path (checking locations like ~/.clawhub/ or ~/.cursor/skills/). Detecting install path / reading the frontmatter implies the agent may read local filesystem paths beyond just the declared env var; this is not strictly necessary for core editing functionality and is scope creep you may want clarified.
- Install Mechanism (ok): No install spec and no code files are present (instruction-only). This minimizes on-disk risk: the skill performs actions via API calls rather than installing binaries or downloading archives.
- Credentials (note): The skill declares a single primary credential (NEMO_TOKEN), which fits a cloud editing service. The runtime also supports creating an anonymous token by POSTing to the service if NEMO_TOKEN is absent. No other unrelated credentials are requested. That said, the SKILL.md's implicit request to read install paths or config files (per frontmatter) could result in accessing local files beyond just reading the NEMO_TOKEN env var; confirm whether local config access is necessary.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request system-wide persistence or to modify other skills. It may create short-lived session tokens with the remote service (tokens last ~7 days), but there is no instruction to permanently store credentials on disk.
