Skill v1.0.0

ClawScan security

Youtube Online Video Editor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 26, 2026, 12:39 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly behaves like a cloud video editor, but there are mismatches between the declared requirements and the runtime instructions, and it will upload your video files (and potentially generate anonymous auth tokens) to a third‑party backend. Review before use.
Guidance
This skill will upload any video files you give it to a third‑party cloud (mega-api-prod.nemovideo.ai) for processing and will create an anonymous token automatically if you don't provide NEMO_TOKEN. Things to consider before installing: only upload content you are comfortable sharing; prefer using a disposable or dedicated service token if you must provide one; the registry metadata and the skill's own frontmatter disagree about required config paths and tokens — treat that as a sign of sloppy metadata and verify the service independently (homepage/source unknown). If you want to test it, try with non-sensitive clips first and confirm the service's privacy/terms externally before sending private or copyrighted material.

Review Dimensions

Purpose & Capability
note: The skill's stated purpose (cloud AI video editing) matches the API calls and upload flows in SKILL.md. However the registry metadata and the SKILL.md disagree: the registry reported no required config paths while the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) and lists NEMO_TOKEN as required even though the instructions include an anonymous-token fallback. This is inconsistent but plausibly explained as preferring a user-supplied token while allowing anonymous use.
Instruction Scope
note: The instructions stay within the editor's domain (create session, upload files, run render, poll status). They explicitly send user video files to https://mega-api-prod.nemovideo.ai and instruct generating or extracting tokens from the auth endpoint. This is expected for a cloud editor, but it is privacy-sensitive: user media and session data are transmitted to a third party. The skill also uses local environment and install-path detection to populate headers (minor filesystem probing). There are no instructions to read arbitrary system files or unrelated credentials.
Install Mechanism
ok: No install spec and no code files — instruction-only. This minimizes on-disk risk because nothing is downloaded or executed locally by an installer.
Credentials
concern: The skill declares NEMO_TOKEN as the primary required credential (and frontmatter lists a config path), but the runtime instructions will POST to an anonymous-token endpoint and use the returned token if NEMO_TOKEN is absent. The declared 'required' env/config is inconsistent with the actual anonymous fallback. Otherwise the skill does not request unrelated secrets; only the service token is involved.
Persistence & Privilege
ok: The skill is not always-enabled and is user-invocable. It stores session tokens for its own operations (normal). It does not request elevated platform privileges or change other skills' configurations in the instructions.