Skill v1.0.0
ClawScan security
Video Editor Kiss · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 4:38 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly matches a cloud video-editing workflow (NEMO_TOKEN and calls to nemovideo APIs), but there are internal inconsistencies and a few instruction details that broaden its access beyond what is clearly required.
- Guidance: What to consider before installing:
  - The skill uploads videos and metadata to mega-api-prod.nemovideo.ai and requires a NEMO_TOKEN. Only set NEMO_TOKEN if you trust that service and its privacy policy; otherwise rely on the anonymous-token flow (which still sends a UUID to the same service).
  - Ask the author to explain the mismatch: the registry says no config paths are required, but SKILL.md mentions ~/.config/nemovideo/ and detecting install paths. Clarify whether the agent will read user home directories or other local files and why.
  - Be cautious about sending sensitive or private video content to an external cloud service. Verify the service domain and its terms before uploading.
  - If you want to limit exposure: do not set a permanent NEMO_TOKEN (use the anonymous flow), and avoid sending sensitive files until the above questions are answered.
  - If you need higher assurance, ask the skill author to provide a minimal manifest that removes the runtime filesystem probing (install-path detection / configPath reads) or documents exactly what local files are read and why.
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose (cloud-based kiss-scene video editing) aligns with the single declared credential NEMO_TOKEN and the listed API endpoints. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) and a runtime action to detect install paths (e.g., ~/.clawhub/, ~/.cursor/skills/), which is not reflected in the registry metadata (which lists no required config paths). That mismatch is unexpected and should be explained.
- Instruction Scope (concern): Instructions tell the agent to: (a) use or fetch a NEMO_TOKEN (fine), (b) upload potentially sensitive video files to https://mega-api-prod.nemovideo.ai (expected for a cloud editor), and (c) read the skill's YAML frontmatter and detect the agent's install path to set attribution headers. Reading the install path and a user config directory (~/.config/nemovideo/) expands file-system access beyond what is strictly necessary for sending uploads and session tokens. The file-system detection behavior is not justified by the description and is inconsistent with the registry metadata.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code, so nothing will be written to disk by an installer. That minimizes install-time risk.
- Credentials (note): Only a single credential (NEMO_TOKEN) is required, which is proportionate to a cloud API integration. The SKILL.md does, however, include a metadata configPaths entry (~/.config/nemovideo/) that was not declared in the registry metadata; that suggests the skill may expect to read local config files in addition to the token. Confirm whether those config path reads actually occur and why.
- Persistence & Privilege (ok): The skill does not request always:true and uses normal autonomous invocation. It asks the agent to store a session_id for ongoing uploads/renders (ephemeral), which is expected for a render workflow and does not indicate elevated or permanent privileges.
