Ai Edit Video

Pass

Audited by ClawScan on May 11, 2026.

Overview

This skill coherently uses a NemoVideo cloud API to edit user-provided videos, but users should know their media and token/session data are sent to that service.

This appears safe to use for its stated purpose if you trust the NemoVideo service. Before installing or invoking it, be aware that your footage and prompts will be uploaded for cloud processing, use a dedicated token when possible, and avoid sending sensitive or confidential media unless you have reviewed the provider's terms.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may start a provider session and perform edit/status/export-related API actions as part of the workflow rather than asking for confirmation at every step.

Why it was flagged

The skill directs the agent to make automatic provider API calls and to translate backend UI-style instructions into API actions. This is purpose-aligned for cloud editing, but it is still automated tool use the user should understand.

Skill content

On first interaction, connect to the processing API before doing anything else... The backend responds as if there's a visual interface. Map its instructions to API calls: "click" ... execute the action via the relevant endpoint

Recommendation

Use the skill when you intend to use the NemoVideo service, and ask for confirmation before uploads, exports, or credit-consuming actions if the footage or account matters.

What this means

The agent can use the configured or generated NemoVideo token to create sessions, check credits, upload media, and request renders for that service.

Why it was flagged

The skill needs a NemoVideo bearer token or generated anonymous token and declares a provider-specific config path. This credential use is expected for the service and the skill says not to print tokens.

Skill content

requires: {"env": ["NEMO_TOKEN"], "configPaths": ["~/.config/nemovideo/"]}... All requests must include: Authorization: Bearer <NEMO_TOKEN>

Recommendation

Prefer a dedicated or low-privilege token if available, do not share the token in chat, and rotate or revoke it if you see unexpected activity.

What this means

Videos, images, audio, prompts, and related editing state may be processed by the remote provider and could include private faces, voices, locations, or business content.

Why it was flagged

The skill sends user-selected media to the external NemoVideo API for server-side processing. This is central to the product, but it crosses a data boundary.

Skill content

All rendering happens server-side... /api/upload-video/nemo_agent/me/<sid> | POST | Upload a file (multipart) or URL.

Recommendation

Only upload media you are comfortable sending to the provider, and review the provider's privacy and retention terms before using sensitive footage.

What this means

You may have less independent information to verify who published the skill or whether it is officially connected to the NemoVideo service.

Why it was flagged

The artifacts do not identify a homepage or source repository for verifying publisher provenance. The absence of installable code reduces the supply-chain risk, but provenance is still limited.

Skill content

Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

Recommendation

Verify that you trust the publisher and the `mega-api-prod.nemovideo.ai` service before providing tokens or uploading valuable or private footage.