Skill v1.0.1

ClawScan security

Free Ai Video Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 8, 2026, 7:17 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly matches a text/image→video service, but its config-path declarations are inconsistent, and it instructs automatic token creation and persistent storage; both deserve a closer look before installing.
Guidance
This skill behaves like a client for a third-party video generation API: it will perform network calls, upload files you provide, and persist an anonymous token and session id (the SKILL.md mentions ~/.config/nemovideo/). Before installing, confirm that you trust the domain (mega-api-prod.nemovideo.ai), that you are comfortable with the agent uploading local files you provide, and that automatic token creation and storage in a config path is acceptable. Ask the maintainer to resolve the inconsistency between the registry metadata and the SKILL.md (explicitly declare any config paths the skill will read or write) and to document how and where tokens and sessions are stored and how to revoke them.
Findings
[no-findings] expected: The static regex scanner found no code to analyze (instruction-only SKILL.md). Lack of findings is expected for instruction-only skills but does not imply safety.

Review Dimensions

Purpose & Capability
[note] The declared primary credential (NEMO_TOKEN) and the SKILL.md's API endpoints align with a video-generation backend. However, the SKILL.md frontmatter references a config path (~/.config/nemovideo/) that the registry metadata does not list as a required config path, an inconsistency between what is declared and what the runtime instructions expect.
Instruction Scope
[note] Instructions require network requests to mega-api-prod.nemovideo.ai, URI-encoded uploads (including multipart uploads of local file paths), SSE streaming, and creation and storage of session_id and token. Those actions are consistent with uploading media and job state, but the instructions also tell the agent to auto-generate and persist a token and to detect an install path for X-Skill-Platform headers (which may require reading local paths). These are within the service's purpose but broaden the agent's allowed I/O (filesystem reads and writes plus outbound network); the user should be aware of that scope.
Install Mechanism
[ok] This is an instruction-only skill with no install spec and no third-party downloads or binaries, which minimizes installation risk.
Credentials
[note] The only declared environment secret is NEMO_TOKEN, which fits a third-party API. The SKILL.md also instructs obtaining an anonymous token automatically if none is present and storing session_id/token for subsequent calls (and the frontmatter hints at a config path). Requiring read/write access to a config directory to persist the token and session is reasonable for a client but should be explicitly declared; the registry lacks that configPath declaration. No unrelated credentials are requested.
Persistence & Privilege
[concern] The skill instructs creating and storing an anonymous NEMO_TOKEN and a session_id, and references a config directory. Although the skill is not 'always:true', persisting tokens and sessions to disk or agent config increases persistence and blast radius if the backend or token handling is abused. The mismatch between the registry (no config paths) and the SKILL.md (an explicit config path) is concerning because it hides the intended persistence location.