Skill v1.0.0

ClawScan security

Free Video Music Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Apr 23, 2026, 4:41 AM)

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini

Summary: The skill's runtime instructions mostly match a cloud video-music service (upload video, generate music, return URL), but there are small metadata inconsistencies and privacy/third-party risks you should understand before installing.

Guidance: This skill appears to do what it says (upload your video to a cloud backend, generate background music, and return a download link), but before installing you should:
1) Confirm you trust the endpoint (https://mega-api-prod.nemovideo.ai) and review its privacy/terms because your videos will be uploaded off-device;
2) Avoid setting a long-lived, high-privilege NEMO_TOKEN in shared/system environments — prefer a disposable/anonymous token if possible;
3) Ask the author to clarify the metadata mismatch about ~/.config/nemovideo/ (does the skill read that folder?), and request a homepage/source for auditing;
4) Be aware that an agent with access to NEMO_TOKEN could perform network uploads/polls autonomously — limit token scope or revoke tokens when not needed.

Review Dimensions

Purpose & Capability
note: The name/description (add AI music to videos) aligns with the runtime actions: session creation, upload, SSE chat, render/export and download URL polling to https://mega-api-prod.nemovideo.ai. Requesting a NEMO_TOKEN is coherent for a cloud API. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) that is not reflected in the registry's reported required config paths — this metadata mismatch should be clarified.
Instruction Scope
note: Instructions confine behavior to the remote rendering service (auth, session, upload, SSE, export). They explicitly call for checking NEMO_TOKEN, obtaining an anonymous token if missing, and performing uploads. That means user video files and session tokens will be sent to the external domain — expected for this use case but a clear privacy/networking action that the user should be aware of. The skill does not instruct reading arbitrary local files beyond the possible config path mentioned in metadata (inconsistency).
Install Mechanism
ok: There is no install spec and no code files (instruction-only), so nothing will be written to disk by an installer. This is the lowest install risk.
Credentials
note: Only one credential is declared (NEMO_TOKEN), which is proportional for authenticating with the service. The skill's fallback to request an anonymous token from the same domain if NEMO_TOKEN is absent is consistent with its purpose. Consider that any NEMO_TOKEN you provide (or anonymous token obtained at runtime) will grant the skill network access to the third-party backend and could be used to list/poll jobs and access returned URLs; treat it as a secret. There is no evidence the skill requests unrelated credentials.
Persistence & Privilege
ok: always:false and normal model invocation are used. The skill does not request forced global inclusion or system-wide config changes. Note: if your agent runs autonomously and has a token, it could initiate uploads/requests without interactive prompts — standard platform behavior but worth keeping in mind.