Portugues Editor

Pass. Audited by ClawScan on May 10, 2026.

Overview

The visible skill behaves like a cloud Portuguese video editor, but users should know it uses a NemoVideo token and uploads selected clips to an external API.

This skill appears acceptable if you are comfortable using NemoVideo’s cloud service. Before installing, understand that your selected videos and prompts will be sent to the provider, a NEMO_TOKEN will be used or created, and the backend may guide internal edit/export actions during the session.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your uploaded clips may contain private audio, faces, locations, or other personal information and will be processed by an external service.

Why it was flagged

The skill sends user-selected video files or URLs to the NemoVideo cloud backend. This is expected for the stated cloud video-editing purpose, but it means media leaves the local environment.

Skill content

Upload: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`, or URL: `{"urls":["<url>"],"source_type":"url"}`

Recommendation

Only upload clips you are comfortable sending to NemoVideo, and review the provider’s privacy/retention terms if the footage is sensitive.

What this means

The token may control access to NemoVideo credits, sessions, and render jobs associated with this skill.

Why it was flagged

The skill uses a bearer token for the NemoVideo service. This is purpose-aligned and disclosed, and the artifact also says not to display token values to the user.

Skill content

Include `Authorization: Bearer <NEMO_TOKEN>` and all attribution headers on every request

Recommendation

Use a dedicated NemoVideo token if possible, avoid sharing it in chat, and rotate it if you suspect exposure.

Note (Medium Confidence)

ASI01: Agent Goal Hijack

What this means

Some edit, state, or export actions may be driven by backend responses rather than being individually described before execution.

Why it was flagged

The skill tells the agent to convert backend text instructions into further API actions. This is part of the intended integration, but it gives the remote backend operational influence within the editing session.

Skill content

The backend responds as if there's a visual interface. Map its instructions to API calls: ... "click" or "点击" → execute the action via the relevant endpoint ... "Export" or "导出" → run the export workflow

Recommendation

Ask for a status or timeline summary before exporting important projects, and review the final output before publishing or sharing it.

What this means

You have less independent information about who maintains the skill or where to verify its behavior.

Why it was flagged

The registry information does not provide a source repository or homepage. Because there is no code or install spec, this is only a provenance limitation, not evidence of malicious behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

If provenance matters for your use case, prefer skills with a documented homepage/source or verify the NemoVideo service independently before use.