Skill v1.0.0

ClawScan security

Image To Video Offline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 23, 2026, 4:19 AM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini

Summary
The skill claims 'offline' processing but its runtime instructions clearly call out to cloud APIs and request a NEMO_TOKEN and access to a user config path — those mismatches and the network behavior warrant caution.

Guidance
This skill will upload your images and session data to mega-api-prod.nemovideo.ai and uses a NEMO_TOKEN (it can also mint an anonymous token automatically). Key things to consider before installing:
1) The name/description say 'offline' but the skill performs cloud rendering — do you consent to uploading images and possibly sensitive content?
2) The metadata asks for a config path (~/.config/nemovideo/) which seems unnecessary; ask the publisher why that path is needed.
3) Verify the service domain and its privacy/data retention policy; test with non-sensitive images first.
4) Prefer supplying your own token with limited scope rather than letting the skill generate anonymous credentials.
If you need clarification from the author (source is unknown), request their homepage/privacy policy and justification for the configPath and the offline claim; if they cannot explain the mismatch, avoid installing.

Review Dimensions

Purpose & Capability: concern
The skill is named and marketed as 'offline' but the SKILL.md repeatedly instructs the agent to create sessions and upload files to https://mega-api-prod.nemovideo.ai for cloud GPU rendering. Requiring a networked API token (NEMO_TOKEN) and an API base contradicts the 'offline' claim. The metadata also requests a config path (~/.config/nemovideo/), which is not justified by the stated offline purpose.

Instruction Scope: concern
Runtime instructions direct the agent to: POST to multiple API endpoints, upload user files (multipart or by URL), read and save session_id, stream SSE responses, poll render jobs, and include custom attribution headers. These actions will transmit user images and metadata to an external service. The SKILL.md does not instruct reading unrelated system files, but it asks the agent to auto-detect the platform from install paths, and the metadata lists a configPath, which implies file-system access beyond what an 'image converter' should need.

Install Mechanism: ok
This is an instruction-only skill with no install script or downloaded code, which minimizes on-disk risks. However, the skill performs network I/O to a nonstandard third-party API (nemovideo.ai), which is expected for a cloud service integration but is still an external dependency to trust.

Credentials: concern
The declared single credential, NEMO_TOKEN, is reasonable for an API integration. But the metadata also requests access to a user config path (~/.config/nemovideo/), which is disproportionate to a simple image-to-video converter and could expose unrelated local data. The instructions also tell the agent to generate an anonymous token automatically if NEMO_TOKEN is not set, enabling network operations without an explicit user-provided credential.

Persistence & Privilege: ok
The 'always' flag is false, and there is no install-time persistence or modification of other skills. The skill will store a session_id for ongoing jobs (normal for a remote-rendering service), but it does not request elevated platform privileges.