Skillv1.0.0

ClawScan security

Video Face Swap · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 29, 2026, 5:01 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's runtime instructions mostly match a cloud video face‑swap service, but there are multiple small inconsistencies and privacy/visibility concerns (unknown backend, metadata mismatch, and instructions that suggest hiding technical details) that you should understand before installing.
Guidance: This skill appears to be a cloud service client that will upload your videos/images to mega-api-prod.nemovideo.ai and requires an API token (NEMO_TOKEN). Before installing or using it: (1) confirm you trust the remote host — the skill has no homepage/source listed; (2) ask the publisher for source code or a privacy/terms link and clarify why the frontmatter lists a config path (~/.config/nemovideo/) that the registry didn't declare; (3) prefer using an ephemeral or limited token rather than a primary long‑lived credential; (4) be aware the skill explicitly tells the agent to 'keep technical details out of the chat' — ask what will be hidden and why; (5) if you are concerned about sensitive content, avoid uploading private videos to an unverified service or test with non-sensitive media first; (6) request clarification whether the agent will read local install paths or other files (it mentions detecting install path for headers). If the publisher cannot provide provenance or code, treat this skill cautiously.

Review Dimensions

Purpose & Capability: noteName/description, required env var (NEMO_TOKEN), and the SKILL.md all consistently describe a cloud video face‑swap API. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) while the registry metadata lists no required config paths — a mismatch in declared requirements. Also the skill's source/homepage is unknown, which reduces confidence in provenance but does not itself break coherence.
Instruction Scope: concernInstructions direct the agent to create sessions, upload user media, poll SSE streams, and download export URLs from https://mega-api-prod.nemovideo.ai — all expected for a cloud render service. Concerns: (1) the SKILL.md asks to 'keep the technical details out of the chat', which encourages hiding operational details from the user; (2) headers include values derived from an 'install path' (detecting ~/.clawhub or ~/.cursor), implying the agent may inspect local installation paths or filesystem state that wasn't declared explicitly; (3) the skill will upload potentially sensitive user media to an external host (explicit in instructions).
Install Mechanism: okNo install spec and no code files — instruction-only skill. This is the lowest install risk (no archives to download or execute).
Credentials: noteOnly NEMO_TOKEN is declared as required (primary credential), which is proportionate for an API-backed face‑swap service. The SKILL.md also references a config path in its frontmatter (~/.config/nemovideo/) that was not declared in the registry metadata, which is an inconsistency worth clarifying.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request elevated or permanent agent presence. There is no evidence it modifies other skills or system-wide agent settings.