Skill v1.0.0
ClawScan security
Free Video Youtube · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 11, 2026, 8:03 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches a cloud-based video editor, but there are small inconsistencies (undeclared config path, filesystem-path detection) and it will obtain/use an auth token and upload user video files to an external service; review before installing or sending sensitive content.
- Guidance: This skill appears to be a cloud video editor that uploads your clips to mega-api-prod.nemovideo.ai and uses a NEMO_TOKEN (or will obtain an anonymous token) to perform edits and exports. Before installing or using it:
  1. Don't upload sensitive or private video/audio you wouldn't want sent to a third-party service.
  2. Note the SKILL.md references a local config path (~/.config/nemovideo/) and infers install paths for headers. The registry metadata you saw did not declare those, so expect the agent may read some filesystem locations to populate headers.
  3. If you prefer control, set your own NEMO_TOKEN in the environment rather than allowing the skill to request an anonymous token on your behalf.
  4. Verify you trust the domain (mega-api-prod.nemovideo.ai) and review any privacy/terms on their site if possible.
  If you want more assurance, ask the author for clarification about the config path usage and explicit filesystem accesses, or request a skill version that does not derive headers from local paths.
Review Dimensions
- Purpose & Capability (note): Name/description (YouTube-ready AI video editing) aligns with the runtime instructions (upload clips, create session, render/export). The declared primary env var NEMO_TOKEN is appropriate. However, SKILL.md metadata declares a config path (~/.config/nemovideo/) and the instructions say to detect the install path for an X-Skill-Platform header; the registry metadata presented to the evaluator stated no required config paths. This mismatch about local config/paths is inconsistent.
- Instruction Scope (note): Instructions stay within the editing/export workflow: check/use NEMO_TOKEN, create an anonymous token if missing, create a session, upload files, stream SSE for editing, and request renders. That's expected for a cloud editor. Concerns: the skill instructs deriving headers from install paths (may require reading filesystem paths like ~/.clawhub/ or ~/.cursor/skills/) and references a config directory in its frontmatter; these filesystem accesses are not declared in the registry metadata. Also, the SKILL.md tells the agent to obtain an anonymous token on the user's behalf, which will cause outbound network calls and issuance of a bearer token tied to a client-id.
- Install Mechanism (ok): No install spec and no code files; instruction-only. This minimizes on-disk installation risk; nothing will be downloaded or executed beyond the agent making HTTP requests per the instructions.
- Credentials (note): Only one credential (NEMO_TOKEN) is declared and used, which is proportional for a cloud service. The skill instructs generating an anonymous token via the service if NEMO_TOKEN is absent; that token grants upload/export privileges and expires in 7 days. No unrelated or broad secrets are requested.
- Persistence & Privilege (ok): always is false and the skill does not request persistent presence or modify other skills. Autonomous invocation is permitted by default (not a standalone red flag). The skill may create and reuse an ephemeral anonymous token for up to 7 days, which is expected behavior for this flow.
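As an added example (not ClawScan's or ClawHub's code), the following Python script reproduces the metadata-consistency check behind the Purpose & Capability and Instruction Scope findings above: it pulls filesystem paths, environment variables, hosts and custom headers out of a SKILL.md and diffs them against what the registry declared, then flags the two behaviours the report calls out regardless of declarations (an anonymous token issued on the user's behalf, and a header populated from the local install path). The SKILL.md text and registry records are constructed from the details this report mentions; the frontmatter layout, the registry field names and the finding labels are assumptions.

```python
"""Audit a skill's SKILL.md against its registry metadata.

Added example, not ClawHub/ClawScan code. Every filesystem path, env var
and host the instructions reference should be declared by the registry;
anything undeclared is reported, as are behaviours worth a second look.
"""
import re

# CONSTRUCTED sample SKILL.md, built only from details in the scan report.
# The frontmatter layout ("---" fenced key: value lines) is an assumption.
SKILL_MD = """\
---
name: Free Video Youtube
version: 1.0.0
config: ~/.config/nemovideo/
---
Check for NEMO_TOKEN in the environment. If it is missing, request an
anonymous token from https://mega-api-prod.nemovideo.ai/ (it expires in
7 days). Detect the install path (~/.clawhub/ or ~/.cursor/skills/) and
send it in the X-Skill-Platform header. Upload clips, create a session,
stream SSE edits, and request renders.
"""

# CONSTRUCTED registry records; field names are assumptions.
REGISTRY = {                       # what the evaluator saw: no paths declared
    "env": {"NEMO_TOKEN"},
    "paths": set(),
    "hosts": {"mega-api-prod.nemovideo.ai"},
}
DECLARED_REGISTRY = {              # the same skill with its paths declared
    "env": {"NEMO_TOKEN"},
    "paths": {"~/.config/nemovideo/", "~/.clawhub/", "~/.cursor/skills/"},
    "hosts": {"mega-api-prod.nemovideo.ai"},
}

PATH_RE = re.compile(r"~/[\w./-]+")                   # home-relative paths
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b")  # UPPER_SNAKE names
HOST_RE = re.compile(r"https?://([\w.-]+)")           # host part of URLs
HEADER_RE = re.compile(r"\bX-[\w-]+\b")                # custom X- headers


def split_frontmatter(text):
    """Return (frontmatter dict, body); no frontmatter gives ({}, text)."""
    m = re.match(r"---\n(.*?)\n---\n(.*)", text, re.S)
    if not m:
        return {}, text
    fm = {}
    for line in m.group(1).splitlines():
        key, _, value = line.partition(":")
        fm[key.strip()] = value.strip()
    return fm, m.group(2)


def extract_references(skill_md):
    """Collect everything the skill touches, from frontmatter and body."""
    fm, body = split_frontmatter(skill_md)
    return {
        "paths": set(PATH_RE.findall(skill_md)),   # frontmatter counts too
        "env": set(ENV_RE.findall(body)),
        "hosts": set(HOST_RE.findall(body)),
        "headers": set(HEADER_RE.findall(body)),
        "frontmatter": fm,
    }


def audit(skill_md, registry):
    """Return (kind, detail) findings, undeclared items first."""
    refs = extract_references(skill_md)
    findings = []
    for kind in ("paths", "env", "hosts"):
        for item in sorted(refs[kind] - registry[kind]):
            findings.append(("undeclared_" + kind.rstrip("s"), item))
    body = skill_md.lower()
    if "anonymous token" in body:          # token issued on the user's behalf
        findings.append(("token_issued_on_user_behalf", "anonymous token"))
    if "install path" in body:             # header derived from local filesystem
        for header in sorted(refs["headers"]):
            findings.append(("header_from_local_path", header))
    return findings


def verdict(findings):
    """'suspicious' if the metadata is inconsistent, 'note' if only
    behaviours to review remain, 'ok' if nothing was found."""
    kinds = {kind for kind, _ in findings}
    if any(k.startswith("undeclared_") for k in kinds):
        return "suspicious"
    return "note" if kinds else "ok"


if __name__ == "__main__":
    for registry in (REGISTRY, DECLARED_REGISTRY):
        found = audit(SKILL_MD, registry)
        print(verdict(found), found)
```

Running the script with the registry as the evaluator saw it yields "suspicious" with three undeclared paths; with the paths declared, only the two behavioural notes remain and the verdict drops to "note", which is the outcome the guidance asks the author for when it requests a version that does not derive headers from local paths.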
