Skill v1.0.0

ClawScan security

Text To Video Download · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 26, 2026, 4:40 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly does what it says (send text and files to a cloud video-rendering API using a single NEMO_TOKEN), but there are small mismatches and filesystem-read instructions (install-path/config detection) that are unnecessary for the stated purpose and warrant caution.
Guidance
This skill appears to implement a cloud text→video workflow and only needs a NEMO_TOKEN (or it can request an anonymous token). Before installing, consider:
1) The API domain (mega-api-prod.nemovideo.ai) is external and will receive any uploaded files and text; don't send sensitive data unless you trust the service.
2) The SKILL.md asks the agent to read the skill frontmatter and detect your agent's install path and a local config path (~/.config/nemovideo/) to set attribution headers; that requires filesystem access and seems unnecessary for basic operation. Ask the author why install-path detection and that config path are needed and whether the skill will read or transmit any local files.
3) If you proceed, prefer using an ephemeral/limited token (or the anonymous token flow) and test with non-sensitive inputs first.
If you require higher assurance, request that the author provide a version of the instructions that does not probe local config paths, or that documents exactly which files are read.

Review Dimensions

Purpose & Capability
note
Name/description, the listed API endpoints, and the single required env var (NEMO_TOKEN) align with a text→video cloud rendering service. However, the SKILL.md frontmatter includes a config path (~/.config/nemovideo/) and instructions to detect the agent's install path to set X-Skill-Platform, while the registry metadata reported no required config paths. That mismatch is unexplained and not clearly needed for core functionality (producing downloads).
Instruction Scope
note
The SKILL.md contains explicit runtime instructions to call external HTTPS APIs (session creation, SSE, upload, render polling), generate an anonymous token if NEMO_TOKEN is missing, save session_id, and stream SSE text to users. Those actions fit the stated purpose. It also directs the agent to read the skill's YAML frontmatter and to detect the agent's install path (~/.clawhub/, ~/.cursor/skills/, else unknown) to populate an attribution header; those instructions require probing the filesystem and are not strictly necessary for video rendering.
Install Mechanism
ok
There is no install spec and no code files; the skill is instruction-only. That is the lowest-risk install model: nothing will be downloaded or written by an installer step.
Credentials
concern
Only one credential is requested (NEMO_TOKEN), which is proportional to a cloud API integration. However, the frontmatter's configPaths entry (~/.config/nemovideo/) and the runtime requirement to detect install paths could allow access to local config files. The skill also instructs generating and storing session tokens. The extra filesystem access is not well justified by the described feature set.
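The Purpose & Capability, Instruction Scope and Credentials findings above all come down to one check a practitioner can run locally before installing: compare the config paths the SKILL.md frontmatter declares with what the registry metadata reports, and list every home-directory path and external host the instruction body tells the agent to touch. The script below is an added example and is not part of ClawScan or of the skill; the SKILL.md and registry metadata it parses are constructed from the scanner's description of this skill (the declared configPaths entry, the ~/.clawhub/ and ~/.cursor/skills/ install-path probe, the X-Skill-Platform header and the mega-api-prod.nemovideo.ai host). The page does not list the API endpoint paths, so the sample uses the bare host only, and the minimal frontmatter parser handles just the key/value and list forms shown.

```python
"""Pre-install review of a skill's SKILL.md: declared config paths versus registry
metadata, plus local paths, external hosts and env vars named in the instructions."""
import re

# Constructed sample SKILL.md modelled on the scanner's description; not the real file.
SAMPLE_SKILL_MD = """---
name: text-to-video-download
version: 1.0.0
requiredEnv:
  - NEMO_TOKEN
configPaths:
  - ~/.config/nemovideo/
always: false
---
# Text To Video Download

1. If NEMO_TOKEN is missing, request an anonymous token from the API at
   https://mega-api-prod.nemovideo.ai/ (session creation, SSE stream, upload, render polling).
2. Detect the install path: under ~/.clawhub/ set X-Skill-Platform: clawhub;
   under ~/.cursor/skills/ set X-Skill-Platform: cursor; otherwise unknown.
3. Read ~/.config/nemovideo/ for attribution settings.
4. Upload the text and files, poll the render, and save session_id for later calls.
"""

# Constructed registry metadata: the registry reported no required config paths.
SAMPLE_REGISTRY_METADATA = {"requiredEnv": ["NEMO_TOKEN"], "configPaths": []}


def parse_frontmatter(text):
    """Split a SKILL.md into (frontmatter dict, body). Handles only 'key: value'
    and '  - item' list lines, which is all the sample needs."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}, text
    end = next((i for i in range(1, len(lines)) if lines[i].strip() == "---"), None)
    if end is None:
        return {}, text
    meta, key = {}, None
    for raw in lines[1:end]:
        if raw.lstrip().startswith("- ") and isinstance(meta.get(key), list):
            meta[key].append(raw.split("-", 1)[1].strip())
        elif ":" in raw:
            key, _, val = raw.partition(":")
            key, val = key.strip(), val.strip()
            meta[key] = [] if val == "" else val  # empty value starts a list
    return meta, "\n".join(lines[end + 1:])


def review_skill(skill_md, registry_meta):
    """Return a list of human-readable findings; an empty list means nothing stood out."""
    meta, body = parse_frontmatter(skill_md)
    findings = []

    # 1. Frontmatter configPaths must match what the registry reported.
    declared = set(meta.get("configPaths", []))
    reported = set(registry_meta.get("configPaths", []))
    if declared != reported:
        findings.append(f"configPaths mismatch: frontmatter {sorted(declared)} vs registry {sorted(reported)}")

    # 2. Any ~/... path the body asks the agent to probe should have been declared.
    home_paths = set(re.findall(r"~/[\w./-]+", body))
    undeclared = home_paths - declared
    if undeclared:
        findings.append(f"body probes undeclared local paths: {sorted(undeclared)}")

    # 3. Every external host named in the body will receive whatever the agent sends.
    for host in sorted(set(re.findall(r"https?://([\w.-]+)", body))):
        findings.append(f"external host receives data: {host}")

    # 4. Env vars referenced in the body but not declared as required.
    env_in_body = set(re.findall(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b", body))
    extra_env = env_in_body - set(meta.get("requiredEnv", []))
    if extra_env:
        findings.append(f"body references undeclared env vars: {sorted(extra_env)}")
    return findings


if __name__ == "__main__":
    for finding in review_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY_METADATA):
        print("-", finding)
```

Run against the constructed sample, the script reports the same three points the scanner raised: the configPaths mismatch with the registry, the two undeclared install-path probes (~/.clawhub/ and ~/.cursor/skills/), and the external host. The declared ~/.config/nemovideo/ path is not listed as undeclared, which is exactly the distinction the Credentials finding draws: the problem is not that a path is declared, but that it is declared in the skill and not in the registry, and that the body reads paths beyond it.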
Persistence & Privilege
ok
The always flag is false and there is no install-time persistence. The skill does instruct saving session_id for ongoing interactions (normal for a session-based API). Autonomous invocation (disable-model-invocation=false) is the platform default and is not by itself flagged.