Skill v1.0.0
ClawScan security
Generation Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 1:34 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared behavior mostly matches a video-generation tool, but its metadata and instructions are inconsistent, and at runtime it will obtain and use tokens and send user files to an external API. Review provenance, data handling, and where credentials and sessions are stored before installing.
- Guidance: This skill appears to implement a real text-to-video workflow, but it will contact an external service (mega-api-prod.nemovideo.ai), obtain and use a token (NEMO_TOKEN), and upload user media to that service. Before installing: 1) if you trust the vendor, supply your own NEMO_TOKEN rather than letting the skill auto-generate and persist credentials; 2) do not upload sensitive content, since files up to 500MB are sent off-host; 3) ask the publisher for provenance (homepage, privacy policy, source code, or company identity); 4) confirm where session and token data is stored (in memory, or written under ~/.config/nemovideo/); 5) verify data retention and processing, and whether uploads are inspected or logged. The metadata mismatch (the registry lists no configPaths while SKILL.md declares one) and the lack of a verified source or homepage are the main reasons to treat this as suspicious. If the publisher identity and the storage and retention practices are provided and are sensible, the verdict could be revised to benign.
Review Dimensions
- Purpose & Capability
- note · Name and description (generate videos from prompts/refs) align with the runtime instructions (upload, SSE chat, render/export endpoints). Requesting a single service token (NEMO_TOKEN) is expected for a cloud video API.
- Instruction Scope
- concern · SKILL.md instructs the agent to auto-obtain anonymous tokens, create sessions, upload user media, and poll render endpoints on mega-api-prod.nemovideo.ai. It also describes deriving attribution headers from an install path and references a config path (~/.config/nemovideo/) in frontmatter; both can require reading or writing local state. The instructions additionally tell the agent to 'not display raw API responses or token values', which is an operational policy but also keeps the user from seeing what the service returns and which token is in use. The skill's runtime therefore touches network, credentials, and local config state, beyond a purely stateless prompt-to-render flow.
- Install Mechanism
- ok · Instruction-only skill with no installer and no code files. This minimizes install-time on-disk risk; the risk moves to runtime, when the agent makes network calls to the third-party API.
- Credentials
- note · Only NEMO_TOKEN is declared as the primary credential, which fits a hosted video API. However, the SKILL.md frontmatter includes a configPaths entry (~/.config/nemovideo/) that is not listed in the registry-level required config paths, an inconsistency. The skill also instructs the agent to generate and store an anonymous token if NEMO_TOKEN is absent, which implies creating and storing a credential locally or in memory.
- Persistence & Privilege
- ok · The always flag is false and autonomous invocation is allowed (platform default). The skill requests session persistence for ongoing renders, which is reasonable for a render pipeline, but it does not say where session tokens are persisted (memory vs disk).
