Video Generator Free Api Key
PassAudited by ClawScan on May 13, 2026.
Overview
This skill appears to be a legitimate cloud video-generation integration, but it uses an external API, bearer token, remote uploads, and limited free credits that users should understand.
Install only if you are comfortable using the NemoVideo cloud API. Treat the free token as a limited trial, watch credit usage, and avoid uploading sensitive media unless you trust the provider. The provided artifacts show no local code execution or clear malicious behavior, but the visible SKILL.md was truncated, so this review is limited to the supplied content.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use provider credits or a provider token while generating and exporting videos.
The skill uses a bearer token or obtains an anonymous provider token to create sessions and make API calls. This is expected for the stated cloud video-generation purpose, but it is still delegated account/API authority.
Every API call needs `Authorization: Bearer <NEMO_TOKEN>` ... If `NEMO_TOKEN` is in the environment, use it directly ... Otherwise, acquire a free starter token
Use only a token intended for this service, monitor credit usage, and revoke or rotate the token if you no longer use the skill.
Prompts, uploaded videos, images, or audio may leave the local environment and be processed by the remote service.
The skill sends user prompts and selected media files to an external provider API and receives streamed backend responses. This is purpose-aligned, but the artifact does not describe provider retention or privacy handling.
Base URL: `https://mega-api-prod.nemovideo.ai` ... `/run_sse` | POST | Send a user message ... `/api/upload-video/nemo_agent/me/<sid>` | POST | Upload a file
Avoid uploading private or sensitive media unless you are comfortable sending it to the NemoVideo service and have reviewed its terms or privacy practices.
Video edits or exports may be run as part of the workflow and may consume credits.
The skill instructs the agent to convert backend GUI-style messages into API actions. Those actions appear limited to the stated video workflow, but exports or edits could be triggered through backend responses.
Backend says | You do ... "click [button]" | Execute via API ... "Export button" / "导出" | Execute export workflow
Confirm before costly exports or actions that consume credits, especially when using a paid or limited token.
Users have less provenance information when deciding whether to trust the integration and its external API instructions.
The skill does not install local code, which limits supply-chain execution risk, but the supplied metadata does not provide a source repository or homepage for independent verification.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Verify the service and publisher before providing a real token or uploading sensitive media.