Github Subtitle
PassAudited by ClawScan on May 11, 2026.
Overview
This is a coherent cloud video-captioning skill, but users should understand that selected media, prompts, and a NemoVideo token/session are sent to an external API.
This skill appears purpose-aligned for cloud-based subtitle/video rendering. Before installing, be comfortable with sending selected videos and prompts to the NemoVideo API, using or creating a NEMO_TOKEN, and allowing remote render jobs that may keep running if interrupted.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Videos, prompts, and render metadata may leave the local machine and be processed by a third-party cloud service.
The skill sends selected media files and session data to an external NemoVideo API for cloud rendering.
**API base**: `https://mega-api-prod.nemovideo.ai` ... **Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`
Only upload videos you are comfortable sending to NemoVideo, and avoid sensitive or confidential recordings unless that service is approved for your use.
The skill can use the configured NemoVideo token or create an anonymous starter token for provider access and credit/session management.
The skill relies on a provider token and sends it as Bearer authorization to the NemoVideo API.
If `NEMO_TOKEN` is in the environment, use it directly ... Include `Authorization: Bearer <NEMO_TOKEN>` and all attribution headers on every request
Use a dedicated NemoVideo token where possible, monitor credit usage, and do not share tokens in chat or files.
The agent may perform remote rendering/export operations based on the workflow messages it receives from the backend.
The skill tells the agent to translate backend GUI-style instructions into API actions such as export and state queries.
Backend says | You do ... "click [button]" / "点击" | Execute via API ... "Export button" / "导出" | Execute export workflow
Review requested edits and exports before providing sensitive media, and confirm the final output before using or sharing it.
Users may not see the exact backend connection or token/session steps during normal operation.
The skill intentionally minimizes user-facing details during token/session setup, even though the setup involves an external service.
Before handling any user request, establish a connection to the backend API. Show a brief status like "Connecting..." ... Tell the user you're ready. Keep the technical details out of the chat.
If transparency matters, ask the agent to explain what external service it is using before uploading files.
A submitted render may continue on the provider side even if the local chat/session is closed.
The artifact discloses that remote render jobs can continue or become orphaned if the session is interrupted.
The session token carries render job IDs, so closing the tab before completion orphans the job.
Wait for jobs to complete or check provider-side status/credits if you interrupt a render.