ClawHub

Mp3 Converter

v1.0.0

Extract clean, high-quality MP3 audio from videos, podcasts, voice memos, and more — without juggling clunky desktop software. This mp3-converter skill handl...

0· 33·0 current·0 all-time
by@imo14reifey
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim cloud-based MP3 conversion; the skill requires a single service credential (NEMO_TOKEN), describes session creation, upload endpoints, and export endpoints — all coherent with remote transcoding functionality.
Instruction Scope
Instructions direct the agent to obtain/use NEMO_TOKEN, create/read a client_id at ~/.config/mp3-converter/client_id, create a session, and upload local files (multipart or by URL) to the external API. These actions are expected for a cloud conversion flow, but they do involve reading/writing one config file and transmitting user files to a third-party service (mega-api-prod.nemovideo.ai).
Install Mechanism
No install spec or remote downloads — instruction-only skill (no code written to disk by an installer). This is low-risk from an installation perspective.
Credentials
Only a single credential (NEMO_TOKEN) is required and is the logical credential for a cloud transcoding API. The skill documents how to obtain an anonymous token if none is provided. No unrelated secrets or broad system credentials are requested.
Persistence & Privilege
Skill is not always-enabled and does not request elevated platform privileges. It does write/read a small client_id file under the user's config directory, which is reasonable for maintaining an anonymous client identifier.
Assessment
This skill behaves like a cloud-based converter: it will upload whatever files you ask it to the external service at mega-api-prod.nemovideo.ai and requires a service token (NEMO_TOKEN). Before installing or using it: (1) Only convert files you are comfortable sending to a third party; do not use it with sensitive or confidential audio. (2) Review or confirm the external service's privacy/security policies if possible. (3) If you prefer not to pre-set a token in your environment, the skill can create an anonymous token and will store a client_id at ~/.config/mp3-converter/client_id — that file can be inspected or deleted later. (4) Consider using ephemeral or limited-scope tokens and revoke them if you stop using the skill. Overall the behaviour is coherent for an MP3 conversion service, but trustworthiness of the remote API is the main remaining risk.

Like a lobster shell, security has layers — review code before you run it.

latestvk973djqk54ttp6hbh8bnsqs7kh840p5q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎵 Clawdis
EnvNEMO_TOKEN
Primary envNEMO_TOKEN

Comments