Skill v1.0.0

ClawScan security

Editor In Chennai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 5:59 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's functionality (remote AI video editing) is plausible and mostly coherent, but there are inconsistencies and a few unnecessary instructions that warrant caution before installing or using it.
Guidance
This skill appears to do what it says (remote video editing) but has a few things to check before you use it:
1) Clarify the token behavior — the registry says NEMO_TOKEN is required but the skill will auto-request an anonymous token if none is present; if you want control, supply your own token instead of relying on auto-generation.
2) Confirm privacy and retention: uploaded videos will be sent to https://mega-api-prod.nemovideo.ai — ask the developer or service for a privacy policy and retention/processing guarantees before uploading sensitive footage.
3) Consider the install-path check: the instructions ask the agent to detect local install paths to set an attribution header; this can cause filesystem reads that aren't needed for editing — request removal or clarification.
4) If you prefer tighter control, only use the skill when you explicitly provide NEMO_TOKEN or avoid uploading confidential material.
If any of these points are unclear from the publisher, treat the skill cautiously or contact the owner for details.

Review Dimensions

Purpose & Capability
note: The skill claims to perform remote AI video editing and only requires a single service token (NEMO_TOKEN), which is coherent. However, metadata lists NEMO_TOKEN as required while the runtime instructions also provide an automatic anonymous-token flow when the env var is absent — this is an internal inconsistency (either it truly requires the env var or it can operate without it).
Instruction Scope
note: Most runtime steps map directly to video editing actions (session creation, SSE messaging, upload, render polling). A minor scope creep: instructions suggest detecting install paths (~/.clawhub, ~/.cursor/skills/) to set an attribution header — reading install paths is unnecessary for core editing and may cause the agent to probe local filesystem state. Otherwise, the instructions do not request unrelated credentials or system-wide data.
Install Mechanism
ok: Instruction-only skill with no install spec or code files — lowest install risk (nothing new is written to disk by a packaged installer).
Credentials
note: Only one credential (NEMO_TOKEN) is declared, which is proportionate for a third-party API. But the skill both lists NEMO_TOKEN as required and describes an automatic anonymous-token acquisition flow, which is contradictory and affects consent/privacy expectations (the skill may obtain and use a token on the user's behalf if none is provided).
Persistence & Privilege
ok: No elevated persistence requested (always:false). The skill does instruct storing session_id for the session lifetime, which is normal for API workflows and not a system-wide privilege.