Skill v1.0.0
ClawScan security
Text To Video Models · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 15, 2026, 8:37 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's runtime instructions generally match a text→video service, but the metadata is inconsistent, and the skill uploads user files and obtains and uses session tokens against an external API. Review before installing or uploading sensitive data.
- Guidance: This skill sends your prompts, uploaded files (up to 500MB) and a session token to an external API at mega-api-prod.nemovideo.ai, and creates a temporary anonymous token if you do not supply NEMO_TOKEN. Before installing:
  1. confirm the skill's source/homepage and the provider's privacy and retention policy for uploaded files;
  2. avoid uploading sensitive or proprietary files;
  3. prefer supplying your own API token if you trust the provider, so the skill does not mint anonymous tokens on your behalf;
  4. ask why the skill frontmatter declares ~/.config/nemovideo/ as a config path when the registry metadata reported none, since that may indicate it expects local config access;
  5. verify any costs or credits and how tokens are used and expired.
  If you cannot verify the source or the data handling, consider not installing, or use only dummy/test content.
Review Dimensions
- Purpose & Capability
  - note: The declared purpose (text-to-video generation) matches the API endpoints and flows described in SKILL.md and the single required credential (NEMO_TOKEN). However, the SKILL.md frontmatter lists a required config path (~/.config/nemovideo/) while the registry metadata reported no required config paths; this inconsistency between packaging and runtime instructions should be clarified.
- Instruction Scope
  - concern: The instructions tell the agent to create or use a bearer token, upload user files (up to 500MB) to https://mega-api-prod.nemovideo.ai, start render jobs, read SSE streams and poll job state. Uploading user files and session state to an external service is expected for this kind of skill, but it is sensitive: users' uploads and generated tokens leave the platform. The doc also asks the agent to auto-detect an install path for X-Skill-Platform attribution (vaguely specified) and requires specific attribution headers on every request; this is operationally fine but means every outgoing request identifies the skill. The instructions do not ask for unrelated local files or secrets; the file-upload and token-creation behaviors are the primary privacy and risk surface.
- Install Mechanism
  - ok: There is no install spec and no code files; the skill is instruction-only. That minimizes disk and installation risk because nothing is downloaded or written by an installer.
- Credentials
  - note: Only one env var (NEMO_TOKEN) is declared as required/primary, which is proportionate for a cloud API client. SKILL.md also documents a fallback anonymous-token flow (generate a UUID, obtain a temporary token), so the skill can operate without a user-provided secret. The discrepancy between the registry's "no config paths" and the frontmatter's configPaths entry (~/.config/nemovideo/) should be resolved; requesting access to a user's config directory is more sensitive and needs justification.
- Persistence & Privilege
  - ok: always is false and the skill does not request persistent platform-level privileges. Autonomous invocation is allowed (platform default); combined with outbound network access this increases the blast radius, but that is normal for an API-based generator. The skill does not claim to modify other skills or system-wide settings.
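The two checks a practitioner would run before trusting this report are the ones the Purpose & Capability and Credentials dimensions point at: does the frontmatter agree with what the registry published, and does every request the skill intends to make stay within what it declared (host, transport, upload size, bearer token)? The script below is an added example, not ClawHub's scanner or the skill's own code. It assumes a YAML-like SKILL.md frontmatter with the hypothetical keys `env`, `configPaths`, `hosts` and `maxUploadBytes`, and a registry record with the same keys; the real ClawHub schema may differ. Both inputs are constructed to reproduce the configPaths mismatch the scan reported.

```python
"""Pre-install consistency check for an instruction-only skill.

Added example; not ClawHub tooling. The frontmatter key names (env,
configPaths, hosts, maxUploadBytes) are assumptions, and SKILL_MD and
REGISTRY_META are constructed inputs that mirror the scan's findings.
"""
import re
from urllib.parse import urlsplit

# Constructed SKILL.md: declares the config path the registry omitted.
SKILL_MD = """---
name: text-to-video
version: 1.0.0
always: false
env:
  - NEMO_TOKEN
configPaths:
  - ~/.config/nemovideo/
hosts:
  - mega-api-prod.nemovideo.ai
maxUploadBytes: 524288000
---
# Text To Video
Create a bearer token, upload the file, start the render job ...
"""

# Constructed registry record for the same version; note configPaths is empty.
REGISTRY_META = {
    "name": "text-to-video",
    "version": "1.0.0",
    "always": False,
    "env": ["NEMO_TOKEN"],
    "configPaths": [],
    "hosts": ["mega-api-prod.nemovideo.ai"],
    "maxUploadBytes": 524288000,
}


def parse_frontmatter(text):
    """Parse the YAML subset used above: scalars and flat lists of strings."""
    m = re.match(r"---\n(.*?)\n---", text, re.S)
    if not m:
        raise ValueError("no frontmatter block")
    data, key = {}, None
    for line in m.group(1).splitlines():
        if not line.strip():
            continue
        if line.startswith("  - ") and key is not None:
            data[key].append(line[4:].strip())   # list item under current key
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if value == "":
            data[key] = []                       # a list follows on the next lines
        elif value in ("true", "false"):
            data[key] = value == "true"
        elif value.isdigit():
            data[key] = int(value)
        else:
            data[key] = value
    return data


def diff_metadata(frontmatter, registry):
    """One finding per key whose frontmatter and registry values disagree."""
    findings = []
    for key in sorted(set(frontmatter) | set(registry)):
        fm, reg = frontmatter.get(key), registry.get(key)
        if fm != reg:
            findings.append(f"{key}: frontmatter={fm!r} registry={reg!r}")
    return findings


def check_request(url, headers, body_bytes, frontmatter):
    """Check one intended outbound request against the declared policy."""
    problems = []
    parts = urlsplit(url)
    if parts.hostname not in frontmatter.get("hosts", []):
        problems.append(f"undeclared host {parts.hostname}")
    if parts.scheme != "https":
        problems.append("plaintext transport")
    if body_bytes > frontmatter.get("maxUploadBytes", 0):
        problems.append(f"upload of {body_bytes} bytes exceeds declared limit")
    auth = headers.get("Authorization", "")
    if auth and not auth.startswith("Bearer "):
        problems.append("unexpected Authorization scheme")
    return problems


if __name__ == "__main__":
    fm = parse_frontmatter(SKILL_MD)
    for finding in diff_metadata(fm, REGISTRY_META):
        print("metadata mismatch:", finding)
    intended = {"Authorization": "Bearer <redacted>", "X-Skill-Platform": "example"}
    for url, size in [("https://mega-api-prod.nemovideo.ai/v1/upload", 1000),
                      ("http://mega-api-prod.nemovideo.ai/v1/upload", 600 * 1024 * 1024)]:
        print(url, check_request(url, intended, size, fm) or "ok")
```

Run it against the real SKILL.md and the registry's JSON once you have both; any non-empty finding from `diff_metadata` is exactly the packaging-versus-runtime discrepancy the scan flagged, and `check_request` is the policy to wrap around whatever HTTP client the agent uses so that an undeclared host, a plaintext URL or an oversized upload is refused before the token and file leave the machine.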
