Skill v1.0.0

ClawScan security

Lyrics Video Maker Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Apr 21, 2026, 3:02 PM)
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill largely matches its stated purpose (creating synced lyrics videos) and requests a single service token, but there are several inconsistencies and surprising instructions (config path mismatch, deriving headers from install path, and an instruction to hide technical details) that merit caution before installing.
Guidance
What to consider before installing:

(1) This skill uploads your audio and associated data to mega-api-prod.nemovideo.ai and uses a NEMO_TOKEN (or obtains an anonymous token) as a bearer auth — only install if you trust that external service and its privacy rules.

(2) The SKILL.md asks the agent to read install paths and YAML frontmatter to set headers and lists a config path (~/.config/nemovideo/) that conflicts with registry metadata — ask the publisher why that config path is needed and whether any local files will be read.

(3) The skill instructs the agent to 'keep technical details out of the chat', which hides operational detail from you; if you need transparency about what is sent, request explicit logging or deny use.

(4) If you plan to provide a personal NEMO_TOKEN, prefer creating a throwaway/limited token or use the anonymous-token flow instead.

(5) If you have sensitive or copyrighted audio, confirm the service's retention and sharing policy before uploading.

If you want more confidence, ask the publisher for: (a) a clear justification for the config path and header derivation, (b) a canonical homepage or privacy policy, and (c) a sample network request/response log showing exactly which fields are transmitted.
Findings
[no_regex_findings] expected: The package is instruction-only and the regex scanner had no files to analyze. Lack of findings is not evidence of safety — the SKILL.md is the primary surface to review.

Review Dimensions

Purpose & Capability
note: The name/description (lyrics video creation) aligns with the runtime instructions, which call a remote rendering API and upload audio files. Requesting a NEMO_TOKEN credential is appropriate. However, the SKILL.md metadata declares a config path (~/.config/nemovideo/) that the registry metadata lists as none — an internal inconsistency about required config access that isn't justified by the description.
Instruction Scope
concern: Instructions direct the agent to upload user audio files to https://mega-api-prod.nemovideo.ai, create sessions, poll SSE, and possibly re-acquire tokens via an anonymous-token endpoint — all expected for a cloud render service. Concerning items: (1) headers must include X-Skill-Platform derived from the agent's install path (requires reading local install paths), (2) headers are derived from this file's YAML frontmatter (implies reading SKILL.md), and (3) the instructions explicitly tell the agent to 'keep the technical details out of the chat' (which increases opacity about what is transmitted). These behaviors expand scope beyond simple API calls and may expose environment or metadata the user didn't expect.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files — low install risk (nothing is written or downloaded by the skill itself).
Credentials
note: Only one declared credential (NEMO_TOKEN) is required, which is proportional for a third-party API. The SKILL.md also instructs the agent to obtain an anonymous token if no NEMO_TOKEN is provided (acceptable fallback). However, the SKILL.md metadata lists a config path (~/.config/nemovideo/) that contradicts registry metadata; reading that config directory could expose other secrets if present. The skill also requires sending the token as a bearer auth header to the external service — users should be comfortable sharing that token with the nemovideo domain.
Persistence & Privilege
ok: The skill is not marked always:true and does not request permanent platform presence. It relies on session tokens that the backend issues; there is no install-level persistence and no claim to modify other skills' settings.