Skill v1.0.0

ClawScan security

Generator Chrome Extension · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 4:15 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's behavior mostly matches a browser-based video-generation service, but there are metadata inconsistencies and some instructions (anonymous token flow +
Guidance
Before installing, consider the following:

- This skill uploads user files (videos, images, audio) and sends them to https://mega-api-prod.nemovideo.ai for cloud rendering. Don’t upload sensitive or private files unless you trust that domain/service.
- The skill declares NEMO_TOKEN as the primary credential but also documents an anonymous-token fallback flow (it will generate a UUID and POST to obtain a temporary token). That means the agent may obtain credentials and contact the remote API automatically if you don’t provide a token — be aware of automatic network requests.
- SKILL.md frontmatter lists a local config path (~/.config/nemovideo/) although the registry metadata did not. Ask the author whether the skill will read or write local config files before granting access.
- The doc instructs the agent to “keep the technical details out of the chat,” which may hide network operations from the user. Prefer skills that explicitly disclose when they upload files or create sessions.
- Verify the service/domain (mega-api-prod.nemovideo.ai) is legitimate for the product you expect. If you need stronger guarantees, ask the publisher for a homepage, privacy policy, and data-retention terms.

If you proceed: do not provide highly sensitive content, prefer using a disposable or limited-scope token for NEMO_TOKEN, and request clarification about the config path and the anonymous-token behavior. If the publisher cannot clarify these inconsistencies, treat the skill with caution.

Review Dimensions

Purpose & Capability
note: The name/description match the runtime instructions: the skill uploads browser content and calls a cloud video-render API (mega-api-prod.nemovideo.ai). Requesting a service token (NEMO_TOKEN) and allowing file uploads up to 500MB is proportionate to the stated purpose. However, SKILL.md frontmatter includes a config path (~/.config/nemovideo/) while the registry metadata reported no required config paths; also the skill declares NEMO_TOKEN as required but documents an anonymous-token fallback — these are inconsistent with the registry declarations.
Instruction Scope
concern: Instructions tell the agent to obtain/use a bearer token, create sessions, upload user files, stream SSE responses, and include attribution headers. Those actions are coherent for video generation, but the doc also instructs to "Keep the technical details out of the chat," which could enable the agent to hide network activity (token acquisition, uploads) from the user. The anonymous-token flow (generate UUID → POST to /api/auth/anonymous-token) means the skill will reach out to an external service and automatically obtain credentials if none are supplied; this is functional but should be made explicit to users before uploads occur.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files. That minimizes local install risk; nothing will be written to disk by an installer as part of installation.
Credentials
note: Requesting a single service token (NEMO_TOKEN) is appropriate for a cloud-rendering integration. Two issues: (1) SKILL.md frontmatter references a config path (~/.config/nemovideo/) suggesting the skill might read local config (the registry listing showed no config paths), and (2) the skill declares NEMO_TOKEN as required but describes an anonymous-token fallback — contradictory. Both should be clarified before trusting the skill with secrets or local config.
Persistence & Privilege
ok: The skill does not request always:true and has no install hooks; it does network requests but does not ask to modify other skills or system-wide settings. Autonomous invocation is allowed by default (normal), so consider this in combination with the other noted concerns.