No Login Video

Pass

Audited by ClawScan on Apr 30, 2026.

Overview

This appears to be a coherent cloud video-editing skill, but it sends media and prompts to a NemoVideo backend using a bearer token and cloud render sessions.

Use this skill if you are comfortable sending your videos and editing instructions to the NemoVideo cloud backend. Avoid sensitive recordings, protect NEMO_TOKEN, verify export or upgrade terms before uploading important media, and let render jobs finish to avoid orphaned sessions.

Findings (8)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the backend response is wrong or unexpected, the agent could perform an unintended video-editing action within the service.

Why it was flagged

The remote backend's text can become instructions for subsequent API actions. This is purpose-aligned for the video workflow, but users should know the backend can steer the agent's next calls.

Skill content

The backend responds as if there's a visual interface. Map its instructions to API calls: - "click" or "点击" → execute the action via the relevant endpoint

Recommendation

Keep backend-directed actions limited to the documented video-editing endpoints and confirm unexpected export, account, or registration actions.

What this means

A selected file or URL will be sent to the external processing backend.

Why it was flagged

The skill uses remote upload operations for files or URLs. This is expected for video editing, but upload scope should remain limited to user-provided media.

Skill content

Upload: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`, or URL: `{"urls":["<url>"],"source_type":"url"}`

Recommendation

Only provide media you intend to upload to the NemoVideo service, and avoid giving broad local file paths.

What this means

Anyone with the token may be able to use the associated NemoVideo credits or session access during its validity window.

Why it was flagged

The skill creates or uses a bearer token credential for the video service. This is proportionate to the cloud backend, but the token should be treated as sensitive.

Skill content

Generate a random UUID as client identifier. POST to `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token` ... The response `data.token` is your NEMO_TOKEN — 100 free credits, valid 7 days.

Recommendation

Do not share NEMO_TOKEN values, and prefer a dedicated token for this skill.

What this means

You must trust the remote service operator with uploaded media and processing results without much provenance information in the registry metadata.

Why it was flagged

The skill has no local install code, but the published source and homepage provenance are not provided while the workflow depends on an external service.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the service/operator independently before uploading sensitive or unreleased videos.

What this means

Using the wrong session could result in edits or exports being applied to the wrong project state.

Why it was flagged

The skill reuses session state across requests. This is needed for a video project, but stale or mixed session state could affect later edits or exports.

Skill content

Store the returned `session_id` for all subsequent requests.

Recommendation

Start a fresh session for unrelated projects and avoid mixing different users' or projects' media in one session.

What this means

Your editing instructions and uploaded media are processed by an external backend, which may matter for private or proprietary videos.

Why it was flagged

The skill communicates with a remote agent-style backend endpoint. The artifacts specify HTTPS and bearer authorization, but prompts and workflow context still leave the local environment.

Skill content

Send message (SSE): POST `/run_sse` — body `{"app_name":"nemo_agent","user_id":"me","session_id":"<sid>"...}` with `Accept: text/event-stream`.

Recommendation

Use this only for media you are comfortable sending to the NemoVideo backend, and avoid highly sensitive recordings.

What this means

A cloud render job may continue or become hard to recover if interrupted.

Why it was flagged

Render jobs can become detached if the session is interrupted, and no cancellation or cleanup flow is shown in the provided instructions.

Skill content

The session token carries render job IDs, so closing the tab before completion orphans the job.

Recommendation

Wait for exports to complete before closing the session, and add or request a clear cancel/cleanup flow if using this heavily.

What this means

You may upload media before discovering that some export paths require registration or an upgraded plan.

Why it was flagged

The no-login/free-export positioning has disclosed caveats. This is not deceptive by itself, but users should not assume export will always be free or account-free.

Skill content

"trim the clip, add captions, and export without signing up" ... "Free plan export blocked ... Register or upgrade your plan to unlock export."

Recommendation

Check credit, account, and export limits before uploading important media.