Skill v1.0.0
ClawScan security
Ai Video Maker Free Kiss · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 13, 2026, 9:28 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches a cloud video-rendering integration, but there are inconsistencies and privacy risks (automatic anonymous token acquisition, file uploads to an external API, and a metadata/config-path mismatch) that you should understand before installing.
- Guidance: This skill will upload photos and videos you provide to an external service (mega-api-prod.nemovideo.ai) for cloud-based rendering. It will accept either a NEMO_TOKEN you set or obtain an anonymous token on your behalf and then send your media, so it can operate without a user-supplied credential. Before installing or using: 1) Confirm you trust the external domain and understand its privacy/retention policy; avoid uploading sensitive images. 2) Note the SKILL.md includes a config path (~/.config/nemovideo/) even though the registry metadata did not; ask the author whether the skill will read/write that path. 3) If you prefer not to allow automatic anonymous uploads, do not grant NEMO_TOKEN and avoid invoking the skill, or ask the provider to remove the anonymous-token flow. 4) Because this is instruction-only (no code to review), treat it as a remote-service bridge: verify the service's reputation before sending private media.
Review Dimensions
- Purpose & Capability (ok): Name/description align with runtime instructions: the SKILL.md describes creating videos from photos/clips via a remote API (upload, render, export). The required NEMO_TOKEN credential and the listed endpoints are coherent with a cloud video service.
- Instruction Scope (concern): Instructions explicitly instruct the agent to upload user files (multipart file paths or URLs) and to call remote endpoints that will process media. They also describe generating an anonymous token (UUID + POST) if no NEMO_TOKEN is present, which allows the skill to obtain credentials and transmit user files to the remote service without the user having provided a token. The file-upload examples use local filesystem paths (e.g. files=@/path), which implies the agent may need to access local files; the instructions do not clearly constrain or warn about transmitting sensitive content. Overall the scope is consistent with the stated purpose but carries notable privacy/exfiltration risk and lacks explicit user-consent guidance.
- Install Mechanism (ok): No install spec or code files are present (instruction-only), so nothing will be written to disk by an installer. This lowers execution-surface risk. There is no download-from-URL or package install to evaluate.
- Credentials (note): The skill declares a single primary env var (NEMO_TOKEN), which is appropriate for a third-party API. However, the SKILL.md frontmatter metadata also lists a config path (~/.config/nemovideo/) while the registry metadata reports no required config paths, an inconsistency. Also, the skill can obtain an anonymous token automatically, meaning it does not strictly need the user's credential to function; that design increases the chance it will send data to the external service even if the user has not provided credentials.
- Persistence & Privilege (ok): The always flag is false and there is no install-time persistence. The skill is user-invocable and allows autonomous invocation (default platform behavior), which is normal; there is no evidence it attempts to modify other skills or system-wide settings.
