v1.0.0

Markdown Editor

Benign: ClawScan verdict for this skill. Analyzed Apr 30, 2026, 11:04 PM.

Analysis

This skill appears to be a straightforward cloud markdown-to-video tool, but it sends your content to NemoVideo and uses a service token to create sessions and renders.

Guidance: This skill looks proportionate for cloud markdown-to-video generation. Before installing, confirm you trust the NemoVideo API endpoint, use a dedicated token if possible, and avoid uploading confidential markdown or files unless you are comfortable with provider-side processing and session storage.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low; Confidence: Medium; Status: Note
SKILL.md
Backend says | You do ... "click [button]" / "点击" | Execute via API

The skill tells the assistant to translate backend UI-style messages into API actions. This lets remote service responses influence the next workflow step, though the actions are framed within the stated video-editing purpose.

User impact: The remote service can prompt the assistant to perform follow-up video workflow actions during a session.
Recommendation: Keep actions tied to the user's requested video task, and ask the user before unexpected exports, credit-consuming actions, or major edits.

Tool Misuse and Exploitation
Severity: Low; Confidence: High; Status: Note
SKILL.md
**Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`, or URL: `{"urls":["<url>"],"source_type":"url"}`

The skill exposes upload and rendering operations through provider API calls. This is central to the markdown-to-video purpose, but it can send user-provided files or URLs to the external service.

User impact: Files, URLs, and markdown content the user provides may be uploaded to NemoVideo for processing.
Recommendation: Only upload files and URLs the user clearly intends to process, and avoid sending confidential or unrelated local files.

Agentic Supply Chain Vulnerabilities
Severity: Info; Confidence: High; Status: Note
metadata
Source: unknown; Homepage: none

The package has no linked source or homepage in the supplied metadata. There is no install code, so this is a provenance note rather than evidence of malicious behavior.

User impact: It may be harder for a user to independently verify the maintainer or service provenance before trusting the skill.
Recommendation: Verify that the NemoVideo domain and token source are expected before using the skill with important content.

Rogue Agents
Severity: Low; Confidence: High; Status: Note
SKILL.md
Poll GET `/api/render/proxy/lambda/<id>` every 30s until `status` = `completed`. ... closing the tab before completion orphans the job.

The skill describes ongoing polling and server-side render jobs that may continue after being started. This is normal for cloud rendering and is disclosed, but it is persistent background activity.

User impact: Once an export starts, the render job may keep running on the provider side until completion.
Recommendation: Start exports intentionally and keep track of the session until the render completes.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
SKILL.md
metadata: {"openclaw": {"requires": {"env": ["NEMO_TOKEN"], "configPaths": ["~/.config/nemovideo/"]}, "primaryEnv": "NEMO_TOKEN"

The skill requires a NemoVideo token and may use a local NemoVideo config path. This credential is expected for the service integration and is disclosed in the artifact.

User impact: The assistant can act through the configured NemoVideo token, including creating sessions and render jobs associated with that token.
Recommendation: Use a dedicated or least-privileged token where possible, and do not share or print the token.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low; Confidence: High; Status: Note
SKILL.md
Save `session_id` from the response. ... **Session state**: GET `/api/state/nemo_agent/me/<sid>/latest` — key fields: `data.state.draft`, `data.state.video_infos`, `data.state.generated_media`

The workflow stores and reuses a provider session and retrieves draft/media state. This is expected for an editing session, but user content and generated media may persist in remote session state.

User impact: Markdown content, drafts, and generated media may remain associated with the remote editing session.
Recommendation: Avoid submitting sensitive content unless you are comfortable with provider-side session storage; start a new session if the project state appears wrong.

Insecure Inter-Agent Communication
Severity: Low; Confidence: High; Status: Note
SKILL.md
**Send message (SSE)**: POST `/run_sse` — body `{"app_name":"nemo_agent","user_id":"me","session_id":"<sid>","new_message":{"parts":[{"text":"<msg>"}]}}`

The skill communicates with an external `nemo_agent` service over API/SSE and sends user messages into that service. This is disclosed and purpose-aligned, but it is an external data boundary.

User impact: The external provider receives the text prompts and content needed to generate or edit the video.
Recommendation: Use the skill only for content you are willing to send to NemoVideo, and confirm the provider endpoint is expected.