Claw Video
PassAudited by ClawScan on May 4, 2026.
Overview
Claw Video is a disclosed cloud video-editing connector; the main thing to know is that it uses or creates a Nemo token and sends uploaded media to nemovideo.ai for processing.
This appears acceptable for a cloud video-editing skill if you trust nemovideo.ai. Before installing, be comfortable with sending your videos and prompts to that backend, using or creating a NEMO_TOKEN, and letting the agent perform upload/export steps inside the editing workflow.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The token can be used to create sessions, upload media, check credits, and request renders for this service.
The skill uses a service credential or anonymous starter token for all backend API calls. This is expected for a cloud video service, but it is delegated account/API authority.
Every API call needs `Authorization: Bearer <NEMO_TOKEN>` ... If `NEMO_TOKEN` is in the environment, use it directly ... Otherwise, acquire a free starter token
Install only if you trust the Nemo/Claw Video service, and use a token with limited credits or scope where possible.
Personal or confidential videos uploaded through the skill will be processed by the remote service.
The workflow sends user media, edit prompts, session state, and render data to an external provider. This is disclosed and central to the skill's purpose.
This tool takes your raw video footage and runs AI claw trimming through a cloud rendering pipeline ... All calls go to `https://mega-api-prod.nemovideo.ai`
Avoid uploading sensitive footage unless you are comfortable with the provider's privacy, retention, and access practices.
Edits, exports, polling, and possibly credit-consuming render actions may be performed as part of the automated workflow.
Backend/SSE responses can drive follow-up API calls inside the editing workflow. This appears purpose-aligned, but external service text influences tool execution.
The backend responds as if there's a visual interface. Map its instructions to API calls: ... `click` ... execute the action ... `Export` ... run the export workflow
Ask the agent to confirm before uploading, exporting, or spending credits if you want tighter control.
It may be harder to verify who operates the backend service or where to find its privacy and support information.
The supplied registry information does not provide an independent source or homepage for provenance checking. There is no install code in the artifact set, so this is a provenance note rather than a code-execution concern.
Source: unknown; Homepage: none
Verify the publisher and service terms before sending valuable or private media.
A render may keep running remotely even if the user closes the session, potentially consuming credits or leaving a job without an easy local handle.
The artifact discloses that cloud render jobs can outlive the local chat/tab state. This is not local persistence, but users should understand remote jobs may continue briefly.
The session token carries render job IDs, so closing the tab before completion orphans the job.
Wait for export jobs to finish or check service state/credits if a session is interrupted.