Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Image To Video Open Art
v1.0.0
Skip the learning curve of professional editing software. Describe what you want — animate this painting into a cinematic video with smooth motion — and get...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's declared purpose (image → video via a remote GPU service) aligns with its instructions to call nemovideo endpoints and upload images. However, metadata/instructions mention a config path (~/.config/nemovideo/) and require a NEMO_TOKEN in registry metadata while the runtime instructions explicitly provide a fallback to obtain an anonymous token — these two facts are inconsistent and warrant clarification.
Instruction Scope
Instructions direct the agent to: read the SKILL.md frontmatter for skill version (reasonable), probe the local filesystem to detect install path (~/.clawhub/ or ~/.cursor/) to set X-Skill-Platform (this reads user paths outside the narrow file upload flow), and always include Authorization: Bearer <NEMO_TOKEN> in requests. The skill also instructs obtaining an anonymous token if NEMO_TOKEN is absent. Probing install paths and reading frontmatter are scope creep compared with just uploading images and receiving a video — they require filesystem access beyond the direct task.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be downloaded or written to disk by an installer. That lowers install-time risk.
Credentials
Only one credential is declared (NEMO_TOKEN), which is appropriate for a remote rendering service. But registry metadata lists NEMO_TOKEN as required while the SKILL.md describes an anonymous-token fallback; these are contradictory. Also the SKILL.md metadata including configPaths (~/.config/nemovideo/) suggests the skill may read a local config directory — this is more access than strictly needed to call a remote API and should be justified.
Persistence & Privilege
The skill is not marked always:true and has no install-time persistence. It can be invoked autonomously (the platform default), which is expected for skills. It does not request elevated system privileges, though it does instruct reading local paths for attribution.
What to consider before installing
- This skill sends your images and an Authorization Bearer token to https://mega-api-prod.nemovideo.ai. If you supply your own NEMO_TOKEN, that token will be transmitted — only provide it if you trust the remote service and understand how your token is scoped and revoked.
- The SKILL.md claims it can obtain a short-lived anonymous token if no NEMO_TOKEN is present. The registry metadata, however, lists NEMO_TOKEN as required — ask the developer which behavior is correct.
- The runtime instructions ask the agent to inspect the SKILL.md frontmatter and probe common install paths (~/.clawhub/, ~/.cursor/) to set an X-Skill-Platform header. This means the skill will read some files/paths in your home directory; if you prefer tighter isolation, request a version that does not probe local paths.
- There is no install script or code to audit beyond the SKILL.md, and the scanner had no code to analyze. That lowers install-time risk but also means there is no programmatic assurance of behavior beyond the prose; ask for a source repo or homepage to verify the service and privacy/retention policies.
- If your images are sensitive, avoid uploading them to third-party services or use throwaway/anonymous tokens; confirm how long videos and inputs are retained and whether they are used to train models.
Questions to ask the author/developer before proceeding:
- Why does the registry mark NEMO_TOKEN as required if the skill can auto-acquire an anonymous token? What are the differences in capability/credits/privacy between the two modes?
- Why does runtime behavior require reading ~/.config/nemovideo/ and probing install paths? Can the skill be run without touching local files?
- Provide a homepage or source repository and a privacy/retention policy for uploaded media and generated tokens.
Given the coherent core behavior (remote render service), this looks plausible for its purpose, but the metadata/behavior inconsistencies and the local filesystem probing are reasons to proceed cautiously.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🎨 Clawdis
Env: NEMO_TOKEN
Primary env: NEMO_TOKEN
