Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Image To Video In Canva
v1.0.0
Turn three product photos or a single landscape image into 1080p animated image videos just by typing what you need. Whether it's converting static images in...
by peandrover (adam@peand-rover)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill claims 'in Canva' in its name but the runtime exclusively targets an unrelated service (mega-api-prod.nemovideo.ai / NEMO_TOKEN). Requiring a NEMO_TOKEN and talking to nemovideo.ai is coherent for an 'image to video' service, but the 'Canva' branding in the name is misleading and may confuse users about what platform will actually be used. Metadata also references a config path (~/.config/nemovideo/) even though registry metadata listed no required config paths—an inconsistency.
Instruction Scope
Instructions require the agent to upload user images and other user-provided media to an external API (expected for the stated purpose) and to create/use bearer tokens. They also instruct deriving attribution headers by detecting the agent's install path (e.g., checking for ~/.clawhub/ or ~/.cursor/skills/), which implies reading filesystem state outside the skill's payload and may be surprising to users. The doc says to 'Save session_id' but doesn't specify where—this leaves ambiguous whether tokens/session data will be persisted to disk (metadata hints at ~/.config/nemovideo/). Transmitting user images and related metadata to a third party is normal for this functionality but is an important privacy consideration and should be explicit to users.
Install Mechanism
No install spec and no code files (instruction-only). This is the lower-risk model because nothing is written to disk by an installer, but runtime behavior still sends data to an external service.
Credentials
The skill requests a single credential (NEMO_TOKEN) which is proportional to calling the described API. However, metadata lists a config path (~/.config/nemovideo/) that was not declared in the registry's required config paths; the runtime also expects to be able to check install paths to derive headers. These imply potential read/write access to local config beyond the single env var and should be clarified.
Persistence & Privilege
The skill does not request 'always: true' and uses the normal autonomous-invocation model. There is no explicit instruction to modify other skills or system-wide settings. The only persistence ambiguity is where session tokens/session_id are saved (in-memory vs a local config path), which the SKILL.md does not specify.
What to consider before installing
This skill appears to call an external service (mega-api-prod.nemovideo.ai) to render videos and will upload any images you drop into the chat—so your images and metadata will leave your machine/agent. The skill name references 'Canva' but it does not use Canva APIs; that is potentially misleading. Before installing or using it, consider:
- Do you trust nemovideo.ai to receive and store your images? Check the service's privacy policy and retention practices.
- Confirm where the agent will store the session_id / any generated tokens (the docs hint at ~/.config/nemovideo/ but the registry metadata omitted this). If you don't want persistent local tokens or files written, ask the developer to make storage explicit or to keep everything in-memory.
- The skill will look at the agent install path to set an attribution header—if you have policy concerns about reading filesystem paths, request that behavior be removed or confined.
- Because source and homepage are unknown, prefer minimal exposure: do not provide sensitive images or data, and consider creating an ephemeral/anonymous token or sandboxed agent instance for testing.
If the developer can confirm (a) why 'Canva' is in the name, (b) exactly where tokens/session data are stored, and (c) that filesystem checks are read-only and limited, the inconsistencies would be resolved and my concern would lower.
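The checks the scan report walks through (external hosts contacted, env vars and home-directory paths referenced but not declared in the registry metadata, install-path probing, a branded name with no matching service, and an unspecified storage location for session_id) can be run mechanically against a skill's SKILL.md before installing it. The script below is an added example, not ClawHub's scanner and not this skill's code; the SKILL.md excerpt and the declared metadata are constructed to mirror the findings on this page, and the regexes, the probe keywords and the generic-word list are the example's own assumptions.

```python
import re
from dataclasses import dataclass, field

# Constructed sample modelled on the scan report above; NOT the skill's real SKILL.md.
SAMPLE_NAME = "Image To Video In Canva"
SAMPLE_SKILL_MD = """\
name: Image To Video In Canva
Upload the user's images to https://mega-api-prod.nemovideo.ai/v1/upload with header Authorization: Bearer $NEMO_TOKEN.
Save session_id for later calls.
If ~/.clawhub/ exists set X-Attribution: clawhub; if ~/.cursor/skills/ exists set X-Attribution: cursor.
Cache may be kept under ~/.config/nemovideo/ between runs.
"""
# What the registry listing declares (constructed to match the page: one env var, no config paths).
DECLARED_ENV = {"NEMO_TOKEN"}
DECLARED_CONFIG_PATHS: set = set()

HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")          # host part of any URL
ENV_RE = re.compile(r"\$\{?([A-Z][A-Z0-9_]*)\}?")            # $VAR or ${VAR}
HOME_PATH_RE = re.compile(r"~/[\w./-]*")                     # ~/something paths
PROBE_WORDS = ("exists", "check", "detect", "present")       # assumed markers of filesystem probing
GENERIC_WORDS = {"image", "images", "to", "in", "video", "videos",
                 "the", "a", "an", "of", "for", "with", "and"}  # name words that are not brands


@dataclass
class Findings:
    external_hosts: set = field(default_factory=set)
    undeclared_env: set = field(default_factory=set)
    undeclared_paths: set = field(default_factory=set)
    probed_paths: set = field(default_factory=set)
    unbacked_name_tokens: set = field(default_factory=set)
    unspecified_session_storage: bool = False


def review_skill(name: str, skill_md: str, declared_env: set, declared_paths: set) -> Findings:
    """Static pre-install review of an instruction-only skill."""
    f = Findings()
    f.external_hosts = set(HOST_RE.findall(skill_md))
    f.undeclared_env = set(ENV_RE.findall(skill_md)) - set(declared_env)
    home_paths = set(HOME_PATH_RE.findall(skill_md))
    f.undeclared_paths = home_paths - set(declared_paths)
    for line in skill_md.splitlines():
        low = line.lower()
        # A home path on the same line as an existence/detection verb is filesystem probing.
        if any(w in low for w in PROBE_WORDS):
            f.probed_paths.update(HOME_PATH_RE.findall(line))
        # session_id mentioned without a path or an "in memory" statement: storage unspecified.
        if "session_id" in low and not HOME_PATH_RE.search(line) and "memory" not in low:
            f.unspecified_session_storage = True
    # Brand-like words in the skill name that appear in no contacted host are unbacked claims.
    tokens = {w.lower() for w in re.findall(r"[A-Za-z]+", name)} - GENERIC_WORDS
    hosts_blob = " ".join(f.external_hosts).lower()
    f.unbacked_name_tokens = {t for t in tokens if t not in hosts_blob}
    return f


def summarize(f: Findings) -> list:
    """Human-readable lines, one per concern, for the install decision."""
    out = [f"contacts external hosts: {sorted(f.external_hosts)}"]
    if f.undeclared_env:
        out.append(f"uses env vars not declared in metadata: {sorted(f.undeclared_env)}")
    if f.undeclared_paths:
        out.append(f"references local paths not declared in metadata: {sorted(f.undeclared_paths)}")
    if f.probed_paths:
        out.append(f"probes filesystem for: {sorted(f.probed_paths)}")
    if f.unbacked_name_tokens:
        out.append(f"name claims platform(s) no contacted host supports: {sorted(f.unbacked_name_tokens)}")
    if f.unspecified_session_storage:
        out.append("saves session_id without saying where (disk vs memory)")
    return out


if __name__ == "__main__":
    for line in summarize(review_skill(SAMPLE_NAME, SAMPLE_SKILL_MD, DECLARED_ENV, DECLARED_CONFIG_PATHS)):
        print("-", line)
```

The checks are deliberately heuristic: they cannot prove the skill writes to disk, only surface the gaps between what the listing declares and what the instructions reference, which is exactly the set of questions the report suggests putting to the developer.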
Latest version: vk97cdemb470veakrt95kcry7ch84qajq
Runtime requirements
Runtime: 🖼️ Clawdis
Env: NEMO_TOKEN
Primary env: NEMO_TOKEN
