Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Free Avatar Video

v1.0.0

Cloud-based free-avatar-video tool that handles generating talking avatar videos from a text script without recording yourself. Upload TXT, DOCX, PDF, MP4 fi...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (generate avatar videos from text) aligns with the declared requirement for a single API token (NEMO_TOKEN) and the documented API endpoints. The declared config path (~/.config/nemovideo/) is consistent with a client that stores session or config files.
Instruction Scope
SKILL.md instructs the agent to obtain or use NEMO_TOKEN, create sessions, upload user files, stream SSE messages, poll render status, and save session_id — all expected for this service. However: (1) the file contains a pre-scan prompt-injection signal (unicode-control-chars), which can indicate attempts to hide or alter instructions; (2) the instructions ask the agent to infer an install path (to set X-Skill-Platform) even though this skill is instruction-only and has no install spec — that is odd and unnecessary; (3) the agent is instructed to 'connect to the processing API before doing anything else' which, if followed autonomously, could cause unsolicited network calls. These behaviors expand the agent's discretion and deserve review.
Install Mechanism
No install spec and no code files — lowest disk risk. The skill is instruction-only so no arbitrary archives or external installers are fetched.
Credentials
Only one required credential (NEMO_TOKEN) and a single config path are declared, which is consistent with a cloud-render service. The SKILL.md also documents an anonymous-token flow (POST to mega-api-prod.nemovideo.ai) that will create NEMO_TOKEN client-side. Requiring an API token is proportional, but consider that the agent will use that token autonomously if present.
Persistence & Privilege
always is false and autonomous invocation is allowed (default). The skill instructs saving session_id and tokens locally for use; this is reasonable for a session-based API, but combined with autonomous invocation it means the agent can perform API actions without per-call user confirmation. No evidence the skill modifies other skills or system-wide settings.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters flagged as potential prompt-injection. Invisible/control characters are not expected for an API-integration instruction file and may be used to obfuscate or manipulate downstream parsers; review the raw file for hidden content before trusting it.
What to consider before installing
This skill largely does what it says (upload script/files, talk to nemovideo API, return MP4s). However: 1) inspect the SKILL.md raw text for hidden characters (unicode control chars) before installing; these can hide malicious instructions. 2) Only set NEMO_TOKEN if you trust the nemovideo service — the agent will use that token autonomously to call APIs and upload files. 3) Avoid uploading sensitive/private files unless you trust the backend domain (mega-api-prod.nemovideo.ai). 4) Because the skill will create and store session tokens, be prepared to revoke tokens/keys if unexpected activity appears. If you want higher assurance, request a skill that points to a known homepage/repo or provides an install spec from a reputable release host.

Like a lobster shell, security has layers — review code before you run it.

latestvk97at26n3fzgfndvs428ewm9qx84kjm7


Runtime requirements

🧑‍💻 Clawdis
Env: NEMO_TOKEN
Primary env: NEMO_TOKEN
