Video Gen Script Online
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent cloud video/script-generation connector, but it uses a NemoVideo token/session and sends prompts or uploaded files to an external API.
Install only if you are comfortable using the NemoVideo cloud API. Do not upload sensitive documents, private media, or confidential URLs unless you trust the provider, and use a dedicated NEMO_TOKEN where possible.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may perform in-service actions such as editing or exporting during the workflow without showing every raw backend instruction.
The skill lets backend responses drive provider API actions such as export. This is purpose-aligned for a cloud video workflow, but it means actions can be taken based on provider-side instructions rather than only explicit user text.
Backend says | You do ... "click [button]" / "点击" | Execute via API ... "Export button" / "导出" | Execute export workflow
Use the skill for intended video generation tasks and review final outputs or export requests before relying on them.
A NemoVideo token may grant access to credits, sessions, and generated media for that provider account/session.
The skill uses a bearer credential or creates an anonymous provider token for NemoVideo API access. This is expected for the integration, and the artifact says not to print tokens.
If `NEMO_TOKEN` environment variable is already set, use it ... POST to `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token` ... `data.token` becomes your NEMO_TOKEN
Use a dedicated token if possible, do not share it, and rotate or revoke it if you no longer trust the skill or provider session.
Text prompts, media, documents, or URLs you provide may be processed and stored by the external NemoVideo service.
Prompts, uploaded files, and URLs are sent to an external provider API for processing. This is disclosed and purpose-aligned, but it is a sensitive data boundary.
**API base**: `https://mega-api-prod.nemovideo.ai` ... **Send message (SSE)**: POST `/run_sse` ... **Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart `-F "files=@/path"`, or URL: `{"urls":["<url>"],"source_type":"url"}`Avoid uploading confidential, regulated, or private files unless you trust the provider and its retention/privacy terms.
Users have less independent context for who operates the service behind the API endpoint.
There is no local code to install, which reduces local execution risk, but the artifact provides limited provenance for the external service integration.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Verify that you trust the NemoVideo service/domain before providing tokens or uploading valuable content.