Skill v1.0.0

ClawScan security

Image To Video Online Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 13, 2026, 11:45 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior mostly matches an image→video cloud service, but there are small inconsistencies and it will automatically obtain and use remote tokens and upload your images to an external API — review before installing or sending sensitive files.
Guidance
This skill will send your images and session data to a third-party API (mega-api-prod.nemovideo.ai) and can auto-create anonymous tokens if you don't supply NEMO_TOKEN. Before installing or using it:

1) Do not upload sensitive or confidential images unless you trust the service and its privacy policy.
2) Consider providing your own NEMO_TOKEN only if you trust the provider; otherwise the skill will obtain a temporary anonymous token.
3) Ask the author to clarify the metadata mismatch (SKILL.md lists a config path but the registry metadata does not).
4) Be aware the agent may read its install path to set X-Skill-Platform — if you need to restrict local context reading, avoid enabling the skill.

If these behaviors are acceptable for your use (public images, willing to use a cloud render service), the implementation is coherent; if not, do not install.

Review Dimensions

Purpose & Capability
note: The skill claims to convert photos to videos and its instructions are focused on a remote render API (nemovideo.ai) — requiring a NEMO_TOKEN is coherent. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata stated no config paths; this mismatch is an inconsistency to be aware of.
Instruction Scope
concern: The runtime instructions direct the agent to obtain/renew anonymous tokens, create sessions, upload user files, and poll remote endpoints. Those actions are expected for the stated purpose, but the skill also instructs auto-generating a token if NEMO_TOKEN is absent and infers a platform name from the install path — which implies the agent may read its environment/install path and will transmit user images and session identifiers to a third-party service. Users should confirm they are comfortable with remote uploads and that no extra local files or unrelated env vars are read.
Install Mechanism
ok: This is instruction-only with no install spec or downloaded code, so nothing is written to disk during installation. That lowers mechanical install risk.
Credentials
note: Only one credential (NEMO_TOKEN) is declared as required — which aligns with a cloud API. However, the skill will call an anonymous-token endpoint to mint a token if none exists, meaning it can operate without a pre-provided secret. The frontmatter's configPaths entry (present in SKILL.md) does not match the registry's 'no config paths' claim; this should be clarified.
Persistence & Privilege
ok: always:false and no instructions to change other skills or system-wide settings. The skill asks to 'keep' session_id for the session lifecycle, which is normal for this workflow and does not imply elevated platform privileges.