Skill v1.0.0

ClawScan security

Google Ai Video Maker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 10, 2026, 9:28 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's runtime instructions mostly match a cloud-backed video service, but there are a few inconsistencies and a branding mismatch that could mislead users about who is actually running the service.
Guidance
This skill appears to be a cloud-backed video rendering integration for nemovideo.ai, not an official Google product despite its name. Before installing:
1) Confirm you trust mega-api-prod.nemovideo.ai (privacy of uploaded media and metadata).
2) Expect the skill to send any files you provide to that third-party backend and to create/require a NEMO_TOKEN (it can auto-fetch an anonymous token).
3) Note the SKILL.md suggests reading an install path and a config directory (~/.config/nemovideo/) — ask the author whether the skill will write or read files there.
4) If you care about provenance, request a homepage/source and author info; if you proceed, prefer supplying your own NEMO_TOKEN and avoid uploading sensitive files until you confirm the service and privacy policy.

Review Dimensions

Purpose & Capability (concern)
The skill claims to be a "Google AI Video Maker" but all network activity is directed at mega-api-prod.nemovideo.ai (nemovideo), and there is no Google API, homepage, or publisher link — this is a branding/identity mismatch that can mislead users. The skill requests a NEMO_TOKEN, which is coherent for the nemovideo backend, but the name implies a Google product when none is used. Also, the SKILL.md frontmatter includes a configPaths entry (~/.config/nemovideo/) despite the registry metadata listing no required config paths — an internal inconsistency.
Instruction Scope (note)
SKILL.md instructs the agent to read NEMO_TOKEN from the environment, or else obtain an anonymous token by POSTing to nemovideo's anonymous-auth endpoint (including generating a UUID client id). It then creates sessions, upload endpoints, and SSE streams, and posts render requests — all consistent with a cloud render service. It also requires adding attribution headers and auto-detecting an install path to set X-Skill-Platform (this implies reading the agent's install path / filesystem). The instructions explicitly tell the agent not to expose tokens, which is good, but they do direct network calls to an external third-party domain and allow uploading local files/paths (expected for a media uploader).
Install Mechanism (ok)
Instruction-only skill with no install spec and no bundled code. No on-disk install or archive downloads are performed by the skill itself — lowest install risk.
Credentials (note)
The only declared required credential is NEMO_TOKEN (primaryEnv). That aligns with the described backend. However, the frontmatter also lists a config path (~/.config/nemovideo/) which is not reflected in the top-level registry summary — this discrepancy could indicate the skill expects or will write config files beyond the declared env var. The skill does not request unrelated credentials (no AWS/GCP/etc.).
Persistence & Privilege (ok)
The skill is not always-on and is user-invocable. It uses ephemeral session tokens for backend tasks and does not request blanket system privileges. The only mild persistence signal is the frontmatter reference to a config path, which could imply storing data in ~/.config/nemovideo/ if implemented, but no explicit persistent install is defined.