ClawHub

Qwen Ai

v1.0.4

Unlock deep video understanding with qwen-ai on ClawHub. This skill connects Alibaba's Qwen multimodal language model to your video files, enabling natural-l...

0· 92·0 current·0 all-time
by@imo14reifey
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to connect videos to a remote Qwen-based video-analysis service and its declared primary credential (NEMO_TOKEN), optional API URL, and config path (~/.config/nemovideo/) all align with that purpose. Nothing requested (no unrelated cloud credentials or system-wide access) appears out of scope for a cloud video-processing integration.
Instruction Scope
Runtime instructions direct the agent to greet users, obtain or use NEMO_TOKEN, persist a UUID client_id at ~/.config/nemovideo/client_id, and call the nemovideo API endpoints (e.g., anonymous-token, upload, export). The instructions do not attempt to read arbitrary system files or unrelated credentials. Note: the skill will transmit user video and derived artifacts to the external nemovideo API by design — this is expected for the stated functionality but has privacy implications.
Install Mechanism
This is an instruction-only skill with no install spec or code files. No binaries are downloaded or written to disk by an installer, which minimizes install-time risk.
Credentials
The only credential surface is NEMO_TOKEN (primary) and optional NEMO_API_URL / NEMO_WEB_URL / NEMO_CLIENT_ID, which are proportionate to a cloud API client. The skill auto-generates and persists a non-secret client_id (UUID) to avoid rate limits; that behavior is reasonable for this service. It does not request unrelated tokens/keys.
Persistence & Privilege
The skill writes a single non-secret file (~/.config/nemovideo/client_id) and may keep an in-session NEMO_TOKEN (anonymous token valid ~7 days). always is false and the skill does not request elevated or system-wide privileges. Persisting the client_id is normal but does create a persistent identifier linking sessions to your machine.
Assessment
This skill appears to be what it says: it uploads video content to nemovideo.ai for analysis and uses an anonymous or provided NEMO_TOKEN. Before installing, consider privacy and confidentiality: any video you send is transmitted to the external service (check their privacy/TOS). If you have sensitive footage, do not allow uploads or use your own managed account token and review the vendor's security policy. Note the skill will create ~/.config/nemovideo/client_id (a non-secret UUID) and will obtain an anonymous token (valid ~7 days) unless you supply your own NEMO_TOKEN; you can revoke tokens via the service. If you need stronger assurance, inspect the service endpoints (mega-api-prod.nemovideo.ai) and the public repository linked in the metadata before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk976m2mh1fkraz3tsph89n9zpn83q8bf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Primary envNEMO_TOKEN

Comments