Skill v1.0.0

ClawScan security

Image To Video In Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 16, 2026, 5:28 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's high-level purpose (convert images to short videos) matches the network calls and token usage, but the runtime instructions ask the agent to read and persist local config/install paths and there is a metadata mismatch — these inconsistencies deserve caution before installing or granting credentials.
Guidance
This skill mostly does what it says (it talks to a Nemo video-rendering API and uses a NEMO_TOKEN), but before installing or providing credentials consider the following:
1) Metadata mismatch: the registry lists no config paths, but the SKILL.md asks to use ~/.config/nemovideo/ and to probe ~/.clawhub/ and ~/.cursor/skills/ to set an X-Skill-Platform header. Ask the author why filesystem access is needed and where session/token data will be stored.
2) Token handling: the skill can generate and use anonymous tokens; confirm whether those tokens are stored persistently and where (disk vs memory).
3) Attribution headers: the skill requires adding local-install-path-derived headers to every request; this reveals local layout information to the remote API.
4) Domain verification: confirm that mega-api-prod.nemovideo.ai is the legitimate service you expect and that it uses HTTPS/TLS.
5) Least privilege: prefer a scoped, revocable API token or an anonymous short-lived token over a long-lived secret in your environment.
If you cannot verify the service or its storage behavior, do not put sensitive credentials in NEMO_TOKEN, and consider running this skill only in a restricted environment or asking the publisher for an explanation and an explicit privacy/persistence statement.
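Items 1 to 4 above can be partly automated as a static pre-install audit of the skill's instruction file against its registry record. The following is an added example, not ClawScan's or the skill publisher's code: it parses a SKILL.md (frontmatter plus instruction body) and a registry record, then reports local paths the instructions touch that the registry never declared, the hosts contacted (flagging any plain-http ones), the environment variables used, lines that derive request headers from the local install layout, and lines that persist state. The sample SKILL.md and registry record are constructed from the facts stated in this scan; the real file's wording and frontmatter key names are not on this page and are assumed, and the regular expressions are heuristics rather than a full YAML or Markdown parser.

```python
"""Static pre-install audit of an instruction-only skill (added example)."""
import re
from typing import Dict, List, Tuple

# Constructed sample: an assumed SKILL.md built from the scan's findings.
SAMPLE_SKILL_MD = """---
name: image-to-video-in-free
version: 1.0.0
primaryEnv: NEMO_TOKEN
config: ~/.config/nemovideo/
---
Send every request to https://mega-api-prod.nemovideo.ai using NEMO_TOKEN.
If NEMO_TOKEN is unset, request an anonymous token (100 credits, 7-day expiry)
and save the returned session_id for later calls.
Set X-Skill-Platform by checking whether ~/.clawhub/ or ~/.cursor/skills/ exists.
Exports fail if the attribution headers are missing.
"""

# Constructed sample: the registry record, which declares no config paths.
SAMPLE_REGISTRY = {"primaryEnv": "NEMO_TOKEN", "configPaths": []}

PATH_RE = re.compile(r"~/[\w.\-/]+")                    # ~/... local paths
URL_RE = re.compile(r"\b(https?)://([A-Za-z0-9.\-]+)")   # scheme + host
HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b")  # bare FQDNs
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b")    # UPPER_SNAKE names
HEADER_RE = re.compile(r"\bX-[A-Za-z0-9-]+")             # custom headers
PERSIST_RE = re.compile(r"\b(save|store|persist|write|cache)\b", re.I)


def split_frontmatter(text: str) -> Tuple[Dict[str, str], str]:
    """Split '---' delimited 'key: value' frontmatter from the body."""
    if not text.startswith("---\n"):
        return {}, text
    end = text.find("\n---\n", 4)
    if end == -1:
        return {}, text
    front: Dict[str, str] = {}
    for line in text[4:end].splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            front[key.strip()] = value.strip()
    return front, text[end + 5:]


def audit_skill(skill_md: str, registry: Dict) -> Dict[str, object]:
    """Compare what the instructions do with what the registry declares."""
    front, body = split_frontmatter(skill_md)
    lines = [ln.strip() for ln in body.splitlines()]
    declared = set(registry.get("configPaths", []))
    referenced = set(PATH_RE.findall(skill_md))  # frontmatter and body
    urls = URL_RE.findall(body)
    hosts = {host for _, host in urls} | set(HOST_RE.findall(body))
    report: Dict[str, object] = {
        "undeclared_paths": sorted(referenced - declared),
        "hosts": sorted(hosts),
        "insecure_hosts": sorted({h for scheme, h in urls if scheme == "http"}),
        "env_vars": sorted(set(ENV_RE.findall(skill_md))),
        "header_from_local_paths": [
            ln for ln in lines if HEADER_RE.search(ln) and PATH_RE.search(ln)
        ],
        "persistence_lines": [ln for ln in lines if PERSIST_RE.search(ln)],
        "primary_env_mismatch": front.get("primaryEnv") != registry.get("primaryEnv"),
    }
    findings: List[str] = []
    if report["undeclared_paths"]:
        findings.append("instructions touch local paths the registry does not declare")
    if report["insecure_hosts"]:
        findings.append("plain-http endpoint: credentials would travel unencrypted")
    if report["header_from_local_paths"]:
        findings.append("request headers derived from local install layout")
    if report["persistence_lines"]:
        findings.append("token/session state is persisted; storage location unspecified")
    if report["primary_env_mismatch"]:
        findings.append("frontmatter primaryEnv differs from registry")
    report["findings"] = findings
    report["verdict"] = "review" if findings else "ok"
    return report


if __name__ == "__main__":
    for key, value in audit_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY).items():
        print(f"{key}: {value}")
```

Run against the constructed sample, the audit reports the three undeclared paths, the single host, NEMO_TOKEN as the only environment variable, the X-Skill-Platform line as header-from-local-path, and the session_id line as persisted state; the verdict is "review". Declaring the paths in the registry record clears only the first finding, which is the point: a clean registry declaration answers the metadata-mismatch question but not the storage or attribution-header questions, which still need the publisher's statement.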

Review Dimensions

Purpose & Capability
ok
The skill claims to convert images to videos, and all runtime operations target a single external video-rendering API (mega-api-prod.nemovideo.ai) using a service token (NEMO_TOKEN). Requesting an API token for a cloud rendering service is coherent with the stated purpose.
Instruction Scope
concern
The SKILL.md instructs the agent to (a) generate an anonymous token via the service API and treat it as NEMO_TOKEN, (b) create and keep a session_id, and (c) read the skill's YAML frontmatter and probe local paths to determine X-Skill-Platform. Probing install paths and reading/writing session/token state are outside a minimal 'image->video' description and expand the agent's filesystem and persistence scope. The instructions also require adding custom attribution headers on every request and state that exports fail if they are missing, an operational detail that forces the agent to collect and send local metadata.
Install Mechanism
ok
No install step or external packages are specified; this is an instruction-only skill, which minimizes code-on-disk risk.
Credentials
note
The only declared credential is NEMO_TOKEN (primaryEnv), which is appropriate for a cloud-rendering integration. However, the SKILL.md frontmatter also references a config path (~/.config/nemovideo/) and asks the agent to detect install paths (~/.clawhub/, ~/.cursor/skills/), while the registry metadata showed no required config paths, a mismatch that increases surprise about what local data the skill will access.
Persistence & Privilege
concern
The instructions tell the agent to 'save session_id' and to treat an anonymously-created token as NEMO_TOKEN (100 credits, 7-day expiry). There is ambiguity about where and how those tokens/session IDs are stored (in memory vs written under ~/.config/nemovideo/). The skill is not marked always:true, but the combination of required token handling, session persistence, and filesystem probing raises persistence/privacy concerns.