Skill v1.0.0
ClawScan security
Ai Image To Video A2e · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 4:54 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are consistent with a remote AI image-to-video service (it only asks for a single NEMO_TOKEN and describes API calls to that service), but lack of a homepage/official source and a small metadata inconsistency warrant caution.
- Guidance: This skill appears coherent: it sends user images to a remote nemovideo API and needs a NEMO_TOKEN or an anonymous token. Before installing or using it:
  1) Note there is no homepage or published vendor info; consider this unverified software.
  2) Don’t provide sensitive or private images (uploads go to an external service).
  3) Prefer generating an anonymous token for testing rather than supplying long-lived/shared credentials.
  4) Ask the author/vendor for a privacy/retention policy and billing/credit details (how long files are retained, whether data is used for model training, and whether exports may be blocked by tier).
  5) Verify the API hostname (mega-api-prod.nemovideo.ai) and TLS certs if you can, and test with non-sensitive samples first.

  If the owner or domain cannot be verified, treat the skill as untrusted for sensitive content.
Review Dimensions
- Purpose & Capability: ok. The name/description match the runtime instructions: everything described is about sending images and commands to a remote 'nemovideo' API and receiving rendered videos. Requiring a NEMO_TOKEN (the service auth) is proportionate. Minor inconsistency: registry metadata earlier listed no required config paths, but the skill frontmatter metadata references a config path (~/.config/nemovideo/); this is likely informational but should be clarified.
- Instruction Scope: ok. SKILL.md confines actions to establishing anonymous or token auth, creating a session, sending SSE messages, uploading files, polling renders, and returning download URLs. It does not instruct the agent to read unrelated local files or unrelated environment variables. It does instruct the agent to detect its install path (to set an X-Skill-Platform header) and to read this file's YAML frontmatter for attribution; both are reasonable and confined to the skill's operation.
- Install Mechanism: ok. This is an instruction-only skill with no install spec and no code files, which is the lowest-risk install model. There are no downloads or package installs described.
- Credentials: ok. Only one credential is requested: NEMO_TOKEN (declared as primaryEnv). The instructions also support generating a short-lived anonymous token when NEMO_TOKEN is absent. No unrelated secrets or additional environment variables are requested. This is proportionate to the stated purpose.
- Persistence & Privilege: ok. The skill is not marked always:true and does not request system-wide privileges. It asks to save session_id for job tracking (expected for session-based APIs). Autonomous invocation is allowed by default but is not combined with other red flags here.
