Skill v1.0.0
ClawScan security
Openclaw Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 15, 2026, 5:29 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (remote AI video editing) matches most of its instructions, but there are several mismatches and ambiguous behaviors around credential handling, metadata, and where and how uploads and tokens are stored that should be clarified before installing.
- Guidance: This skill appears to do what it says (upload your video to a remote GPU service and return edited clips), but there are a few unclear and potentially risky points you should confirm before installing or using it:
  - Confirm domain and operator: mega-api-prod.nemovideo.ai is an unknown third-party endpoint in the package metadata. Verify the vendor, review their privacy/security policy, and confirm how long uploaded videos and generated assets are retained and whether they are encrypted at rest and in transit.
  - Credential handling: the registry marks NEMO_TOKEN as required, but the skill can create an anonymous token automatically. Ask whether tokens or session IDs are ever written to disk (e.g., ~/.config/nemovideo/ or the agent config). Prefer ephemeral (in-memory) storage if you care about secret persistence.
  - Attribution and environment reads: the skill detects an install path to set the X-Skill-Platform header; ask whether any other local files or environment variables will be read. That behavior can reveal environment structure.
  - Sensitive content: any video you upload goes to their servers. Do not upload sensitive, proprietary or personal videos until you confirm retention and access controls.
  - Error and rate handling: tokens expire after 7 days; anonymous tokens have limited credits. Confirm whether re-auth flows require any additional user information.
  Given the mismatches (declared required env vs. auto-provision flow, metadata configPath absent from the registry, and unclear token persistence), treat this skill with caution and get clarification from the author or vendor on token storage, data retention, and operator identity before using it with sensitive content.
Review Dimensions
- Purpose & Capability (note): The skill's functionality (upload raw video, request edits, receive processed MP4) aligns with the declared purpose. Requesting a service token (NEMO_TOKEN) is expected for a cloud video service. However, the registry marks NEMO_TOKEN as 'required' while the SKILL.md describes automatically obtaining an anonymous token if NEMO_TOKEN is not present; this is an inconsistency about whether a pre-existing credential is actually required. The SKILL.md also contains metadata listing a config path (~/.config/nemovideo/) that the registry did not list; that mismatch is unexplained.
- Instruction Scope (note): Runtime instructions tell the agent to upload user video files and metadata to a remote domain (mega-api-prod.nemovideo.ai) and to stream and poll SSE endpoints. Those actions are appropriate for remote rendering. Concerning details: SKILL.md instructs the agent to detect the agent install path to set an attribution header (X-Skill-Platform), which requires reading local path context; it also instructs the agent to 'store the returned session_id' but does not say where (in-memory, agent config, disk). The instructions explicitly say not to show raw token/API responses to users, which is good, but ambiguity about persistent storage and the exact local reads is a scope risk.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files, so nothing will be downloaded or written by an installer. That minimizes install-time risk.
- Credentials (concern): Only one credential is declared (NEMO_TOKEN), which is proportionate for a cloud API. But the SKILL.md both checks for NEMO_TOKEN and supplies an anonymous token flow if it is missing, a mismatch with the registry's 'required' declaration. The skill metadata also references a config path (~/.config/nemovideo/) that was not listed in the registry requirements. The agent will add attribution headers and may detect local install paths (potentially exposing environment layout). It is unclear whether returned tokens/session IDs will be persisted to environment/config files or kept ephemeral; this lack of clarity increases the risk of credential persistence or exfiltration.
- Persistence & Privilege (ok): always:false and normal autonomous invocation settings. The skill does not request elevated system privileges or claim to modify other skills. The primary persistence question is whether it will store tokens/session IDs on disk (not specified); this is an implementation detail rather than a declared privilege, but it should be clarified.
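As an added check, not part of ClawHub's scanner output or of the skill itself, the following Python script answers the open question raised in the Credentials and Persistence & Privilege dimensions above: after running the skill with HOME pointed at an empty scratch directory and NEMO_TOKEN set to a known value, it scans that directory for the token and the returned session_id. The directory layout, file names and token/session values in `demo()` are constructed for the demonstration; the page does not document what the skill actually writes, so the scanner matches raw values rather than specific files.

```python
"""Added example: audit a scratch HOME for persisted secrets after running the skill.

Usage idea: run the agent as  HOME=$(mktemp -d) NEMO_TOKEN=<known value> <agent command>,
then call find_persisted_secrets() on that directory with the token and the session_id the
service returned. Any hit means the credential left memory and landed on disk.
"""
import tempfile
from pathlib import Path


def find_persisted_secrets(root: Path, secrets: dict[str, str]) -> dict[str, list[str]]:
    """Return {relative file path: [names of secrets found]} for every regular file under
    root whose bytes contain one of the secret values. Binary files are scanned as well."""
    hits: dict[str, list[str]] = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        try:
            data = path.read_bytes()
        except OSError:  # unreadable entry (permissions, sockets): skip rather than abort
            continue
        found = [name for name, value in secrets.items() if value and value.encode() in data]
        if found:
            hits[path.relative_to(root).as_posix()] = found
    return hits


def demo() -> dict[str, list[str]]:
    """Constructed scenario: a skill run left a session file and a job log under
    ~/.config/nemovideo/ (the config path the SKILL.md metadata mentions)."""
    secrets = {
        "NEMO_TOKEN": "nemo_demo_token_9f3a",  # placeholder value, not a real token
        "session_id": "sess-demo-0042",        # placeholder session id
    }
    with tempfile.TemporaryDirectory() as home:
        root = Path(home)
        cfg = root / ".config" / "nemovideo"
        cfg.mkdir(parents=True)
        # constructed files standing in for whatever the skill might write
        (cfg / "session.json").write_text(
            '{"token": "nemo_demo_token_9f3a", "session_id": "sess-demo-0042"}\n'
        )
        (cfg / "last_job.txt").write_text("job for session sess-demo-0042 finished\n")
        (root / ".bashrc").write_text("export EDITOR=vim\n")  # innocent file, no hit
        return find_persisted_secrets(root, secrets)


if __name__ == "__main__":
    for rel, names in demo().items():
        print(f"{rel}: {', '.join(names)}")
```

Two caveats a practitioner should keep in mind: the skill may write to the agent's own configuration directory rather than under HOME, so scan that location too; and a verbatim match only catches plaintext persistence, so a token stored encrypted, hashed or base64-encoded would need the corresponding encodings added to the `secrets` values.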
