ClawHub

Internal Communication Video — Create Company Updates Town Halls and Leadership Messages as Engaging Video

v1.0.1

Your all-hands meeting notes get read by 30% of employees. Your CEO written update goes unread by half the organization. Your policy change announcement sits...

0· 49·0 current·0 all-time
bypeandrover adam@peand-rover
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The SKILL.md describes video creation and editing for internal communications; requesting a single service credential (NEMO_TOKEN) and a per-user config path (~/.config/nemovideo/) is consistent with a cloud/video service. There are no unrelated binaries or unrelated cloud credentials requested.
Instruction Scope
Instructions are high-level: 'Upload your recording or script...' but do not specify endpoints, retention, or what data is transmitted. The instructions do not ask the agent to read arbitrary system files or unrelated environment variables, but they are vague about where uploads go and what the service will do with recordings.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk or installed by the skill itself — low install risk.
Credentials
A single primary credential (NEMO_TOKEN) is declared, which is proportionate for a hosted video service. Minor inconsistency: metadata shows requires.env: [] but also declares primaryEnv: NEMO_TOKEN and a configPath; clarify whether NEMO_TOKEN is required and what permissions it grants.
Persistence & Privilege
always:false (good). The skill can be invoked autonomously by default; combined with a service token this means the agent could upload content without further prompts — ensure token scope and trust in the service. The skill does not request system-wide config changes or other skills' credentials.
Assessment
Before installing: verify the skill's source and the service behind NEMO_TOKEN; ask the publisher what NEMO_TOKEN scopes/permissions are and how uploaded videos are stored/retained/shared. Prefer issuing a least-privilege token (scoped only for video uploads), avoid reusing high-privilege credentials, and test with non-sensitive sample content first. If you need stronger guarantees, request documentation or a privacy/security whitepaper from the skill author explaining where uploads are sent, retention policies, and whether the service stores or analyzes the content.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e2yd0wp3ydvmhhpy6gyx7fd83x3vk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📢 Clawdis
Primary envNEMO_TOKEN

Comments