Skill v1.0.0

ClawScan security

Ai Cartoon Video Maker Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 22, 2026, 9:26 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared need for a single NEMO_TOKEN and use of nemovideo.ai endpoints is coherent with a cloud video-rendering service, but several instruction-level behaviors and metadata mismatches are concerning enough to warrant caution before installing.
Guidance
This skill appears to legitimately connect to a remote video-rendering service and needs a single API token (NEMO_TOKEN). Before installing, consider:

- Privacy: the skill uploads whatever media you give it to mega-api-prod.nemovideo.ai for rendering. Do not send sensitive images/audio unless you trust that service.
- Token handling: if you don't provide NEMO_TOKEN, the skill will automatically obtain an anonymous token and store session state; the SKILL.md even instructs the agent not to show raw token values. If you want transparency, supply your own token or decline automatic token creation.
- Persistence: metadata suggests it may write to ~/.config/nemovideo/ (store tokens/sessions) despite the registry listing no config paths — confirm where credentials are stored and how to delete them.
- Verifiability: there is no homepage or source code link. If you need higher assurance, ask the publisher for a homepage, privacy policy, or source, or prefer a skill with published code.

If you proceed, only upload non-sensitive content and consider providing a token you control rather than letting the skill create one anonymously. If anything about automatic token creation or hidden token values feels unacceptable, do not install.

Review Dimensions

Purpose & Capability
Rating: note
The skill claims to create cloud-rendered cartoon videos and only requires a NEMO_TOKEN — that matches the described purpose. However, the SKILL.md metadata includes a config path (~/.config/nemovideo/) while the registry metadata earlier listed no required config paths, an inconsistency in what the skill says it will read/write. The external API host (mega-api-prod.nemovideo.ai) is plausible for this purpose, but the package has no homepage or source listed, which reduces verifiability.
Instruction Scope
Rating: concern
Runtime instructions tell the agent to automatically obtain anonymous credentials (POST to /api/auth/anonymous-token) when NEMO_TOKEN is missing, create and persist sessions, upload user files (multipart or URL) to the remote API, and poll render endpoints. The SKILL.md explicitly instructs not to display raw API responses or token values to the user, which could be legitimate (avoid leaking secrets) but also hides evidence of token creation/storage from the user. The file-upload and token-creation behavior means user media and derived tokens will be transmitted and stored remotely — this is expected for a cloud render service but is privacy-sensitive and should be explicit to the user.
Install Mechanism
Rating: ok
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That reduces installation risk; the runtime risk is entirely network/API activity described in SKILL.md.
Credentials
Rating: note
Only one environment variable (NEMO_TOKEN) is declared and used, which is proportionate to a remote API client. However, the SKILL.md suggests auto-generating and storing an anonymous token if none is present and references a config directory in its metadata — this implies writing credentials to disk (persistence) even though registry requirements showed no config paths. The instruction to hide token values from the user reduces transparency about credential creation and storage.
Persistence & Privilege
Rating: note
The skill is not always-included and does not request elevated platform privileges. It does instruct creating a session_id and presumably storing it for subsequent requests, and the metadata hints at a config path (~/.config/nemovideo/) for storage. Storing its own token/session is normal for a client, but the metadata/manifest mismatch and lack of a visible source/homepage mean you can't easily verify what and where it will persist.