Skill v1.0.0
ClawScan security
Video Editing Ai Auto · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 22, 2026, 11:21 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions mostly match a cloud video-editing integration (it needs an API token and describes upload/render flows), but there are inconsistencies and a few scope/privacy concerns you should review before installing.
- Guidance: This skill appears to be a legitimate cloud video-editing integration, but review these before installing:
  - (1) Source and trust — there is no homepage or publisher info; confirm you trust mega-api-prod.nemovideo.ai.
  - (2) Config-path mismatch — the frontmatter references a local config directory (~/.config/nemovideo/) though the registry metadata did not; ask the author why the skill would need to read/write local config.
  - (3) Token handling — the skill will mint an anonymous token if none is provided; ensure you understand where that token will be stored and its permissions/expiry.
  - (4) File access — the upload examples reference local file paths; ensure the agent only uploads files you explicitly attach and does not scan arbitrary filesystem locations.
  - (5) Privacy — uploading video/audio sends content to a third-party service; confirm the privacy/retention policy before sending sensitive footage.

  If you cannot verify the upstream service or the config-path rationale, treat this skill with caution.
Review Dimensions
- Purpose & Capability (concern): The skill name/description align with a cloud video-editing API and the required NEMO_TOKEN credential fits that purpose. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) that is not listed in the registry metadata (which said no config paths). That mismatch is unexplained: a pure cloud API integration should not need a local config directory unless it plans to read/write local config files.
- Instruction Scope (concern): Instructions are specific about creating anonymous tokens, opening sessions, using SSE, uploading files, polling render status, and returning download URLs — all expected for a remote render service. But the doc also asks to auto-detect an install path to set X-Skill-Platform and references a local config path in frontmatter. Auto-detection would require reading system/install paths; the instructions are vague about how to detect or what files to read. The upload examples use multipart file paths (e.g. -F "files=@/path") which, if followed literally, could cause the agent to read arbitrary local paths instead of only user-provided attachments. These scope items expand the agent's filesystem/network access beyond simple API calls.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. This is the lower-risk install model.
- Credentials (note): Only one credential (NEMO_TOKEN) is declared and that aligns with a cloud API. The SKILL.md also documents generating an anonymous token via an API call (100 credits, 7-day expiry) if no token exists; creating such a token is plausible but means the skill may request network calls to mint tokens and (implicitly) store them for the session. The earlier-mentioned config path in frontmatter is not justified by instructions and looks unnecessary for the stated purpose.
- Persistence & Privilege (ok): The skill does not set always:true and does not include an install that persists code. It asks to save a session_id returned by the API (expected for session flows) but gives no guidance about secure storage. Autonomous invocation is allowed (platform default) and not combined with an always:true flag or broad unrelated credential access.
