Skill v1.0.0

ClawScan security

Image To Video Colab · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 8:26 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's declared purpose (upload images and get AI-rendered videos) matches its runtime instructions and the single requested credential (NEMO_TOKEN); nothing in the instructions or metadata indicates unexpected access or installation.
Guidance
This skill appears to do exactly what it says: it uploads images to nemovideo.ai and returns rendered videos, and it needs a NEMO_TOKEN to authenticate. Before installing or using it:
1) Confirm you trust mega-api-prod.nemovideo.ai (privacy and retention of uploaded images matter).
2) Don’t upload sensitive or proprietary images unless you’re comfortable with that service’s policies.
3) If you don’t already have a NEMO_TOKEN, the skill can obtain a short-lived anonymous token — that’s normal but means your uploads go to their cloud.
4) Note the metadata lists a config path (~/.config/nemovideo/) though the instructions do not use it — ask the skill author why that path is declared.
5) Because the skill streams and uploads files, ensure your environment policy allows the network/file uploads you expect.
If any of these are a problem, do not install or provide your long-lived credentials; prefer anonymous usage or review the service’s terms first.

Review Dimensions

Purpose & Capability
ok: The name/description describe a cloud-based image→video service and the SKILL.md only requests a single service token (NEMO_TOKEN) and documents API endpoints on mega-api-prod.nemovideo.ai — this is coherent with the stated purpose. Minor note: metadata lists a config path (~/.config/nemovideo/) but the instructions do not reference reading that path.
Instruction Scope
ok: Instructions are limited to: checking/obtaining NEMO_TOKEN (anonymous token flow), creating sessions, uploading files, streaming SSE, polling job state, and exporting results. The skill does not instruct reading unrelated system files, scanning shell history, or exfiltrating unspecified environment variables. It explicitly instructs not to expose tokens or raw API output.
Install Mechanism
ok: No install spec or code files are present (instruction-only). That minimizes disk-write and supply-chain risk.
Credentials
note: Only NEMO_TOKEN is required (declared as primaryEnv), which is appropriate for a cloud rendering API. The only oddity is the metadata-declared config path (~/.config/nemovideo/) which is not referenced in SKILL.md — this is inconsistent but not by itself dangerous.
Persistence & Privilege
ok: "always" is false and the skill is user-invocable. It does not request permanent/always-on inclusion or modification of other skills or system-wide settings.