Skill v1.0.0
ClawScan security
For Beginners Video Editing With · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 11, 2026, 2:34 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (cloud video editing) matches most of its runtime instructions, but there are inconsistencies and small scope-creep signals (filesystem inspection, hidden network activity, missing publisher info) that merit caution before installing or using with sensitive content.
- Guidance: This skill appears to do what it says (cloud video editing), but exercise caution before installing or sending sensitive videos. Specific recommendations:
  1. Note the backend domain (mega-api-prod.nemovideo.ai) — verify the service/provider and privacy/retention policy before uploading private content.
  2. Prefer the anonymous-token flow for initial testing rather than supplying a personal NEMO_TOKEN.
  3. Ask the publisher to explain why the skill needs to detect install paths and read ~/.config/nemovideo/ (if it does); refuse or sandbox the skill if you don't want local filesystem access.
  4. Because the skill asks agents to keep technical details out of the chat, be aware network calls may be hidden — request explicit, auditable logs or a transparency mode.
  5. Test first with throwaway/sample clips and confirm outputs and any backend storage/retention.
  If the publisher/homepage is unknown, treat the skill as untrusted until provenance is established.
- Findings:
  - [NO_CODE_FILES] expected: The repository contains only SKILL.md and no code files, so the regex-based scanner had nothing to analyze. This is expected for instruction-only skills but means there is no static code signal to corroborate runtime behavior; review the SKILL.md carefully.
Review Dimensions
- Purpose & Capability (note): The skill is a cloud video-editing frontend and legitimately needs a service token (NEMO_TOKEN) and network access to mega-api-prod.nemovideo.ai. However, the skill's registry metadata reported no config paths while the embedded SKILL.md metadata lists ~/.config/nemovideo/ — this mismatch should be reconciled. Overall, the requested capabilities are plausible for a cloud rendering service.
- Instruction Scope (concern): Instructions include the normal editing workflow (create session, upload files, start render, poll SSE). They also instruct the agent to detect the install path (~/.clawhub, ~/.cursor/skills/) and to read attribution from the skill's YAML frontmatter at runtime. Detecting the install path or reading local config is scope creep: it requires filesystem inspection of user home paths. The SKILL.md also tells the agent to 'keep the technical details out of the chat', which reduces transparency about network activity. These behaviors are not required for core editing and increase privacy risk.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files — the lowest-risk install posture. No downloads or extracted archives are requested.
- Credentials (note): Only one credential (NEMO_TOKEN) is declared as primary, which is appropriate for an API-backed editing service. The SKILL.md also provides an anonymous-token fallback flow, which reduces the need for a long-lived secret. The metadata's mention of a config path (~/.config/nemovideo/) contradicts the registry's 'no config paths' claim; reading that config directory (if done at runtime) could expose additional local data and should be justified.
- Persistence & Privilege (ok): The skill does not request always:true, does not alter other skills' configs, and has no install-time persistence actions. It runs network calls for service use but does not demand permanent agent presence.
