Skill v1.0.0

ClawScan security

Free Music Ai Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 27, 2026, 8:48 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill generally does what it says (remote video/music rendering) and only needs a single API token, but the runtime instructions ask the agent to probe local install/config paths and to contact an external anonymous-token endpoint — plus there's a small metadata mismatch — so you should review those behaviors before installing.
Guidance
This skill appears to do what it says (remote music + video rendering) and only needs an API token, but it also instructs the agent to check for certain local paths (~/.clawhub, ~/.cursor, ~/.config/nemovideo/) to populate attribution headers, and it will contact an external anonymous-token endpoint if no token is provided. Before installing: (1) decide whether you are comfortable with the agent checking for those paths, since the headers built from them tell the service which tools and configs exist on your machine; (2) give NEMO_TOKEN a token issued for this service alone rather than reusing a credential from elsewhere, and only if you trust the service; (3) ask the developer for source or a homepage if you need more assurance; and (4) if unsure, run the skill in a restricted or sandboxed environment, or deny it filesystem access, so it cannot probe local directories. If you plan to provide a long-lived token, limit its permissions where the service allows it and rotate it afterwards.

Review Dimensions

Purpose & Capability
note
The skill's stated purpose (generate music-backed videos) aligns with the single required credential NEMO_TOKEN and the described API calls. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) and the instructions derive headers from local install paths (e.g., ~/.clawhub/, ~/.cursor/), which is not essential to core functionality and is inconsistent with the registry summary, which listed no required config paths.
Instruction Scope
concern
The instructions direct the agent to call external APIs (expected) and to upload user media (expected). They also tell the agent to detect local install locations and a local config path in order to populate attribution headers; this requires reading the filesystem and, because the headers are sent with every request, discloses which tools and configs are present on the machine to the service. The instructions include an anonymous-token flow (POST to https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token) if NEMO_TOKEN is not present. This is functional, but it contacts a third party without the user supplying a credential and creates tokens tied to the client id. No step requests unrelated credentials, but filesystem probing and automatically obtaining tokens are broader than the stated purpose requires.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That is the lowest-risk install mechanism. The caveat is that for an instruction-only skill all of the risk moves to runtime: what the agent does is whatever the instructions tell it to do, so the filesystem and network behavior noted under Instruction Scope is the part to review.
Credentials
note
Only NEMO_TOKEN is declared as required, and it is appropriate for an external API. However, the SKILL.md metadata and instructions reference a config path (~/.config/nemovideo/) and expect to detect install directories to populate headers; those imply reading local files or probing paths outside the skill's primary need and are not well justified in the description.
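A pre-install check that mechanizes the findings above (the home-directory probes and the token-minting endpoint under Instruction Scope, and the frontmatter config path the registry summary omits under Credentials), as an added example. This is not ClawHub's scanner and not the skill's own code. The SKILL.md excerpt is constructed, taking only the paths, env var and endpoint the report names; the frontmatter keys `config` and `env`, the `declared_hosts` parameter and the regex-based parsing are assumptions about the format, not ClawHub's schema.

```python
"""Pre-install lint for a ClawHub-style SKILL.md (added example, not ClawHub's
scanner). Surfaces three things a reviewer wants before installing:
home-directory paths the instructions probe, hosts the agent would contact
(and credential-minting endpoints among them), and a config path declared in
the frontmatter that the registry summary does not list."""
import re

# Constructed SKILL.md excerpt. Only the paths, env var and endpoint named in
# the scan report are taken from the page; the surrounding wording and the
# frontmatter layout are invented for the example.
SAMPLE_SKILL_MD = """---
name: free-music-ai-generator
version: 1.0.0
config: ~/.config/nemovideo/
env:
  NEMO_TOKEN: required
---
# Usage
Detect the install location by checking for ~/.clawhub/ and ~/.cursor/ and set
an attribution header from whichever exists.
If NEMO_TOKEN is unset, POST to https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token
and use the returned token as the bearer credential for all later calls.
"""

FRONTMATTER = re.compile(r"\A---\n(.*?)\n---\n", re.S)
HOME_PATH = re.compile(r"~/[\w./-]+")          # tilde paths in prose or YAML
URL = re.compile(r"https?://([\w.-]+)(/[\w./-]*)?")  # (host, path)
SEVERITY = {"ok": 0, "note": 1, "concern": 2}


def split_skill(text):
    """Return (frontmatter dict, body). Handles top-level `key: value` pairs
    plus one level of indented sub-keys; it is not a general YAML parser."""
    m = FRONTMATTER.match(text)
    if not m:
        return {}, text
    meta, last = {}, None
    for line in m.group(1).splitlines():
        if not line.strip():
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if line[0].isspace() and last is not None:
            if not isinstance(meta[last], dict):
                meta[last] = {}
            meta[last][key] = value
        else:
            meta[key] = value
            last = key
    return meta, text[m.end():]


def required_credentials(meta):
    """Env vars the frontmatter marks `required` (assumed convention)."""
    env = meta.get("env")
    if not isinstance(env, dict):
        return []
    return sorted(k for k, v in env.items() if v == "required")


def lint_skill(text, registry_config_paths=(), declared_hosts=()):
    """Return (severity, message) findings. `declared_hosts` are the API hosts
    the skill description already admits to; anything else is undeclared."""
    meta, body = split_skill(text)
    findings = []

    cfg = meta.get("config")
    if cfg and cfg not in registry_config_paths:
        findings.append(("note", f"frontmatter declares config path {cfg} "
                                 "that the registry summary does not list"))

    paths = sorted(set(HOME_PATH.findall(body)))
    if paths:
        findings.append(("concern", "instructions probe home-directory paths: "
                                    + ", ".join(paths)))

    creds = ", ".join(required_credentials(meta)) or "no credential"
    for host, path in URL.findall(body):
        if host not in declared_hosts:
            findings.append(("concern", f"contacts undeclared host {host}"))
        if re.search(r"auth|token", path):
            findings.append(("concern", f"obtains a credential automatically "
                                        f"from {host}{path} although {creds} "
                                        "is declared required"))
    return findings


def worst(findings):
    """Highest severity present, or 'ok' when there are no findings."""
    return max((s for s, _ in findings), key=SEVERITY.get, default="ok")


if __name__ == "__main__":
    report = lint_skill(SAMPLE_SKILL_MD, registry_config_paths=(),
                        declared_hosts=("mega-api-prod.nemovideo.ai",))
    for severity, message in report:
        print(f"{severity:8} {message}")
    print("overall:", worst(report))
```

Run it against the real SKILL.md with the registry's declared config paths and API hosts filled in; any `concern` finding is the kind of behavior this verdict asks you to weigh before installing, and the `note` on the config path is the metadata mismatch the Purpose & Capability dimension describes.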
Persistence & Privilege
ok
The skill does not request always:true and does not ask to alter other skills or system-wide settings. Autonomous invocation is allowed by default but is not combined with excessive credential requests here.