Text To Video Gen

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill will initiate a remote provider session, even before the video request is fully processed.

Why it was flagged

The skill directs the agent to automatically contact the provider API when used. This is purpose-aligned for cloud video generation, but users should be aware that API activity starts as part of the workflow.

Skill content

Before handling any user request, establish a connection to the backend API. Show a brief status like "Connecting...".

Recommendation

Use only if you are comfortable with the agent contacting the NemoVideo backend for this task; ask the agent to explain steps before upload or export if you want more visibility.

What this means

The provider token may authorize video-generation sessions, credits, and render jobs for the NemoVideo service.

Why it was flagged

The skill uses a bearer token to authorize provider API calls. This is expected for the stated service integration and there is no evidence of token leakage or unrelated use.

Skill content

Include `Authorization: Bearer <NEMO_TOKEN>` and all attribution headers on every request

Recommendation

Provide only the intended NemoVideo token, keep it scoped to this service, and rotate or revoke it if you no longer use the skill.

What this means

Text prompts and uploaded documents or media may be processed by NemoVideo’s cloud service.

Why it was flagged

The skill sends prompts and user-selected files to an external provider API. This is central to the text-to-video workflow, but it means user content leaves the local environment.

Skill content

**Send message (SSE)**: POST `/run_sse` ... `new_message` ... **Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`

Recommendation

Avoid uploading confidential, regulated, or proprietary documents unless you trust the provider’s data handling terms.