Skill v1.0.0
ClawScan security
Video Factory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 6:44 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (uploading user videos to a third‑party API) matches its description, but there are multiple small inconsistencies and ambiguous instructions (required env vs anonymous token flow, unexplained config path / install-path detection) that merit clarification before use.
- Guidance: This skill will upload any videos you give it to a third‑party service at mega-api-prod.nemovideo.ai and use a NEMO_TOKEN to authenticate. Before installing: 1) Confirm the service/domain is legitimate and acceptable for your content (privacy/legal). 2) Ask the skill author to clarify: why is NEMO_TOKEN labeled 'required' when an anonymous token flow exists, and why does the frontmatter reference ~/.config/nemovideo/ and 'auto-detect' of install path? 3) If you don't want to tie this to an account, avoid setting a persistent NEMO_TOKEN and rely on the anonymous flow, but know anonymous tokens still grant the service access to uploads. 4) Do not use with sensitive or confidential videos until you verify the provider's data retention/privacy policy. 5) If possible, test with non-sensitive sample media first and monitor network requests. If the author cannot explain the config-path / install-path reads or the required-env mismatch, treat the skill cautiously.
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose (batch video processing via a cloud API) aligns with the endpoints and flows in SKILL.md. Requesting a NEMO_TOKEN credential is reasonable for that purpose. However, the frontmatter references a local config path (~/.config/nemovideo/) that the registry metadata did not list, and the SKILL.md both treats NEMO_TOKEN as 'required' and documents an anonymous-token flow — those are inconsistent and deserve explanation.
- Instruction Scope (concern): The instructions direct the agent to upload user-supplied video files to https://mega-api-prod.nemovideo.ai and to create/use session tokens — that is expected for a cloud render service but is a material privacy action (user files leave the machine). The SKILL.md also requires adding attribution headers where one header value is 'auto-detect: install path' (X-Skill-Platform), which implies the agent may need to inspect its installation path or environment; this is not documented elsewhere and could cause unexpected filesystem or environment reads. The doc explicitly says not to print tokens/raw JSON, which is good, but the scope of file/env access should be clarified.
- Install Mechanism (ok): Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be downloaded or written to disk by an install step.
- Credentials (concern): The registry lists NEMO_TOKEN as a required environment variable / primary credential, which makes sense for a service token. But the SKILL.md also documents an anonymous-token flow (generate UUID → POST anonymous-token) if NEMO_TOKEN is not set. Declaring NEMO_TOKEN as required while providing an anonymous fallback is inconsistent and should be corrected. No other secrets are requested, which is proportionate to the task.
- Persistence & Privilege (note): The skill does not request 'always' presence and does not include install-time persistence. The only potential privileged action is the implied need to read an install path and a local config path (frontmatter), which could give it access to files under ~/.config/nemovideo/ or to the agent's install location — the purpose of those reads is not explained.
