Online Youtube Video Editor

This skill appears coherent for remote video editing, but review the following before installing: - NEMO_TOKEN: The skill uses an API token. It can be auto-requested (anonymous token) or you can supply your own. Treat that token like any API credential — avoid sharing it and revoke it if you suspect misuse. - Local file: The skill will create ~/.config/nemovideo/client_id containing a UUID to avoid rate limits. This is non-secret but persistent. If you don't want files written, create that file yourself or empty the directory after use. - Headers may leak context: The SKILL.md requires X-Skill-Source/X-Skill-Version/X-Skill-Platform headers. X-Skill-Platform may be inferred from the skill file path — this could reveal which platform or install path the skill was loaded from. If you are concerned about leaking path/platform info, set SKILL_SOURCE explicitly to a sanitized value or verify how the agent populates that header. - Metadata mismatch: The skill metadata marks NEMO_TOKEN as required but the documentation implies it can be auto-generated — expect to receive temporary anonymous tokens (7-day expiry). Confirm the token model and limits on nemovideo.com so you understand privacy/retention and quotas. - Privacy and trust: The skill talks to mega-api-prod.nemovideo.ai / nemovideo.com. Verify the service reputation and privacy policy before sending sensitive footage (especially private or copyrighted content). - Operational advice: Prefer to use an account/token you can revoke, avoid sending highly sensitive footage until satisfied with the service, and check exported outputs in a sandbox before publishing. If you want a stricter assessment, provide the full rest of the SKILL.md (truncated sections) or any additional runtime examples so I can inspect for unexpected data exfiltration or other API endpoints.