Skill v1.0.0
ClawScan security
Video Maker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 12, 2026, 5:17 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's runtime instructions mostly match a cloud video-rendering tool, but there are inconsistencies (declared metadata vs. SKILL.md) and implicit filesystem/access behaviors that are not clearly declared — review before trusting it with tokens or private video files.
- Guidance: This skill appears to be a straightforward cloud video-renderer, but before installing or using it:
  - Verify the skill's source/owner and prefer skills with a homepage or repo. This one has unknown source and no homepage.
  - Only provide a NEMO_TOKEN if you trust the nemovideo.ai service; if unsure, let the skill generate an anonymous token (short-lived, limited credits) rather than entering a long-lived token.
  - Expect your uploaded video/audio files to be transmitted to https://mega-api-prod.nemovideo.ai — do not upload private/sensitive footage unless you trust that endpoint and its data-retention policy.
  - The SKILL.md implies the agent will probe common install paths (~/.clawhub, ~/.cursor/skills) to set an attribution header; confirm you are comfortable with that filesystem probing or ask for explicit permission.
  - Ask the skill author to reconcile the registry metadata vs. SKILL.md (configPaths mismatch) and to provide a homepage or source so you can review privacy and security details.

  If the author publishes a trusted homepage/repo and clarifies that filesystem reads are limited to the skill's own files (or provides explicit consent prompts), my confidence in this being coherent would rise.
Review Dimensions
- Purpose & Capability (note): Name/description align with a cloud video rendering service and the SKILL.md describes appropriate API calls (session, upload, render, export). Requesting a service token (NEMO_TOKEN) is expected for this purpose. However the SKILL.md embeds extra metadata (a configPaths entry) that does not match the registry metadata (which listed no config paths), creating a mismatch about what filesystem access the skill expects.
- Instruction Scope (concern): Instructions direct the agent to: read this file's frontmatter for attribution headers (reasonable), detect the agent install path pattern (e.g., ~/.clawhub/, ~/.cursor/skills/) to set X-Skill-Platform (this requires probing the filesystem or agent environment), generate and store an anonymous token if NEMO_TOKEN is absent, save session_id, upload user-provided video/audio files to an external domain, and send bearer auth headers on every API call. Most of these actions are within the stated purpose, but the filesystem probing and implicit persistence of session state are not declared in the registry metadata and should be explicit.
- Install Mechanism (ok): Instruction-only skill with no install spec or code files — low installation risk. Nothing is downloaded or written by an install step according to the registry.
- Credentials (note): Only one credential (NEMO_TOKEN) is declared as required and is appropriate for accessing the remote rendering API. The SKILL.md also suggests a config path (~/.config/nemovideo/) in its internal metadata; the registry lists no required config paths. This mismatch should be resolved. Also, the agent is instructed to POST an anonymous-token endpoint to create a short-lived NEMO_TOKEN if none exists — that is a reasonable fallback but means the skill can obtain a token on behalf of the user if they don't supply one.
- Persistence & Privilege (ok): always:false and no install steps. The skill instructs saving a session_id for ongoing renders (expected) but does not request permanent always-on privileges or modification of other skills. The autonomy default (model invocation allowed) is normal and not flagged on its own.
