Video Maker Generator
PassAudited by ClawScan on May 2, 2026.
Overview
This instruction-only skill is coherent with its video-generation purpose, but users should understand that their media is sent to an external cloud service using a NEMO token.
This skill appears reasonable for cloud video creation, but do not treat it as local-only. Use it only for media you are comfortable uploading to the NEMO Video backend, keep the NEMO_TOKEN private, and verify the provider if you plan to process confidential or client content.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with the token could potentially access the associated service session or credits until it expires or is revoked.
The skill uses a bearer token for all backend API calls. This is expected for the video service, but it is still account/session authority that users should protect.
All requests must include: Authorization: Bearer <NEMO_TOKEN>
Use a dedicated NEMO_TOKEN if possible, avoid sharing logs or prompts that include it, and rotate or remove the token if you stop using the skill.
Images, videos, audio, prompts, and generated drafts may be processed by the external service rather than staying local.
The skill sends prompts, uploads, session state, and export requests to an external provider. This is central to the stated purpose, but the artifacts do not describe privacy, retention, or service ownership details.
This skill connects to a cloud processing backend... Base URL: `https://mega-api-prod.nemovideo.ai`
Only upload media you are comfortable sending to the named cloud backend, especially if it contains private, confidential, or client-owned content.
Users have less information to verify who operates the backend service or where to review its documentation and policies.
The skill has no local code or install script, but the registry metadata provides limited provenance for the service behind the cloud API.
Source: unknown; Homepage: none
Before using it with sensitive media, verify the provider and terms through a trusted channel.
A render job might keep running in the backend even if the user closes the tab or stops watching progress.
Render jobs can continue server-side if the user closes the session. This is consistent with cloud rendering, but users should know jobs may outlive the visible interaction.
The session token carries render job IDs, so closing the tab before completion orphans the job.
Avoid starting exports unintentionally, and check service credits or job status if you abandon a render in progress.