Skill v1.0.0

ClawScan security

Whisk Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 8, 2026, 7:00 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini

Summary: The skill's functionality (remixing images via a remote API) matches most of its runtime instructions, but there are inconsistencies and privacy concerns (unknown source, mismatched metadata, and sending user images/tokens to a third-party endpoint) that warrant caution before installing.

Guidance: This skill will upload any images you give it to a third-party API (mega-api-prod.nemovideo.ai) and will obtain or use a NEMO_TOKEN for authorization. The publisher/source and homepage are missing, and the SKILL.md claims Google 'Imagen' tech while calling an unknown domain; ask the publisher for provenance and a privacy/terms URL before trusting sensitive content. Also clarify whether the skill actually needs access to ~/.config/nemovideo/ (the frontmatter lists it but the registry metadata did not). If you decide to proceed: avoid uploading private or sensitive photos, review any returned URLs before clicking, and prefer skills from verified sources or with public documentation.

Review Dimensions

Purpose & Capability (note)
The name/description (image remixing) aligns with the runtime behavior: uploading images, creating sessions, and requesting generations from a remote API. However, the skill claims to be built around Google's Whisk/Imagen tech while all network calls target mega-api-prod.nemovideo.ai (an unknown domain); that mismatch is unexplained. The SKILL.md frontmatter also declares a config path (~/.config/nemovideo/) that the registry metadata did not list, and the skill has no public homepage or source repository to validate the backend claims.

Instruction Scope (note)
Instructions are explicit about creating a session, uploading images, using SSE for streaming responses, polling for export, and including attribution headers. These are in scope for an image-generation skill. It also instructs detecting the install path and reading this SKILL.md frontmatter at runtime to fill attribution headers (this requires reading the agent's environment/files). The skill will POST user images and prompts to the external nemovideo.ai API; this is expected for cloud processing but has privacy implications (user uploads leave the local environment).

Install Mechanism (ok)
This is instruction-only with no install spec and no code files, so nothing is written to disk by an installer. Lowest install-surface risk.

Credentials (concern)
Only NEMO_TOKEN is required, which is appropriate for a remote API. However, the SKILL.md metadata also mentions a config path (~/.config/nemovideo/) not declared elsewhere in the registry metadata, creating an inconsistency: either the skill expects to read/write that config directory (broader access than declared) or the metadata is stale/incorrect. The skill will also accept/issue an anonymous token if NEMO_TOKEN is absent, which means it will contact the remote API to obtain credentials on the fly; be aware of this behavior before uploading sensitive images.

Persistence & Privilege (ok)
The skill is not always-enabled and does not request system-wide persistence. It will create ephemeral sessions/tokens for operations, which is consistent with a remote-processing image skill. Autonomous invocation is allowed by default (platform normal) and is not by itself a problem here.