Skill v1.0.0
ClawScan security
Text To Video Deevid · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 15, 2026, 5:53 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely matches a text→video cloud service, but its runtime instructions ask the agent to read local skill/frontmatter and detect install paths (filesystem access) and there's an inconsistency about required config paths — these behaviors broaden its scope and merit caution.
- Guidance: Before installing or using this skill: (1) Understand that uploads and all files you send will be transmitted to https://mega-api-prod.nemovideo.ai — do not upload sensitive data unless you trust that service. (2) The skill asks the agent to read the SKILL.md frontmatter and probe common install paths to set X-Skill-Platform — ask the maintainer why filesystem access is needed and whether that can be avoided. (3) Confirm the legitimacy of the nemo API domain and its privacy/retention policy; anonymous-token creation will generate a client UUID that could link activity. (4) Prefer testing with a throwaway NEMO_TOKEN or anonymous flow and non-sensitive sample media first. (5) Resolve the metadata inconsistency about required config paths (registry vs SKILL.md) before granting broader access.
Review Dimensions
- Purpose & Capability (note): The declared purpose (convert text to 1080p AI videos) aligns with the API calls and required NEMO_TOKEN. However, the SKILL.md requests reading the skill file's YAML frontmatter at runtime and detecting install paths to set X-Skill-Platform, which is not strictly necessary for video generation and expands filesystem access. Also the SKILL.md's metadata lists a config path (~/.config/nemovideo/) while the registry metadata above lists no required config paths — an internal inconsistency.
- Instruction Scope (concern): Instructions require creating sessions, uploading user files, and posting to a third-party API (expected). Concerningly, they also instruct the agent to read the SKILL.md frontmatter and probe common install directories (~/.clawhub/, ~/.cursor/) to set attribution headers. That requires reading local paths and possibly other files; it could surface more local context than necessary. The instructions also tell the agent to automatically obtain an anonymous token if NEMO_TOKEN is absent (network request to an external endpoint).
- Install Mechanism (ok): This is instruction-only with no install spec or downloaded code, so nothing is written to disk by an installer. That reduces install-time risk.
- Credentials (note): The skill requests a single credential (NEMO_TOKEN) which is proportional for a cloud video service. However, the SKILL.md metadata lists a config path (~/.config/nemovideo/) not declared in the registry summary, creating ambiguity about whether the skill expects to access local configuration files beyond the token.
- Persistence & Privilege (note): always:false (no forced persistent inclusion). The skill instructs creation of server-side render jobs that may persist if the session closes (orphaned jobs), which affects user data retention and costs but is not an authorization escalation. The agent is allowed autonomous invocation by default (not flagged alone).
