ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nemo

v1.0.2

Search and invoke over 1500 MCP tools and agent skills across remote servers, with access to full skill instructions and usage details.

0· 1.2k·0 current·0 all-time
by@mootbing
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a search-and-proxy service (search_tools, call_tool, get_skill) and the included files match that behavior. However the published package lacks a description/homepage and the owner is unknown, so provenance is weak even though functionality is coherent.
!
Instruction Scope
Instructions tell agents to fetch full SKILL.md documents and to POST arbitrary tool calls (endpoint, tool, args) to nemo's API. That is consistent with a discovery/proxy tool, but it gives the agent the ability to fetch and then 'follow' arbitrary instructions from unknown third parties and to forward arbitrary inputs to remote endpoints — which can lead to sensitive data being sent externally or execution of unsafe instructions. The skill provides no guidance or constraints about not forwarding secrets or about validating fetched instructions.
Install Mechanism
Instruction-only skill with no install spec or code files. This is low-risk from an install surface perspective because nothing is written to disk by the package itself.
Credentials
The skill declares no required environment variables or credentials, which is proportionate. However, its documented workflow encourages calling external tools that may request credentials or accept arbitrary input; the skill does not warn agents to avoid sending secrets to remote endpoints.
!
Persistence & Privilege
always:false (normal) but model invocation is enabled (default), so an autonomous agent could call the external service without the user's direct action. Combined with the ability to fetch and follow arbitrary SKILL.md content and call arbitrary endpoints, this increases the potential blast radius if the external service or indexed tools are untrusted.
Scan Findings in Context
[scan-empty] expected: No code files present; the regex-based scanner had nothing to analyze. The security-relevant behavior comes entirely from the SKILL.md instructions and the external nemo API.
What to consider before installing
This skill is a discovery/proxy that fetches and invokes tools hosted on external servers. Before installing: (1) verify and trust the nemo endpoint (https://nemo.25chenghua.workers.dev) and its operator — there is no homepage or owner reputation here; (2) do not allow the agent to send secrets or credentials when using this skill — treat all calls as going to an untrusted network; (3) prefer manual review: use search_tools to find candidates, then fetch SKILL.md and inspect it yourself before allowing the agent to 'follow' any install or execution instructions; (4) restrict or disable autonomous invocation for this skill if you are concerned about the agent invoking remote tools without confirmation; (5) consider running any tests in an isolated/sandbox environment and limit network egress if possible. If you need help assessing a specific nemo search result or a fetched SKILL.md, review that content separately before trusting it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ackkma976c0nnxbx2990pgs811ddx
1.2kdownloads
0stars
3versions
Updated 6h ago
v1.0.2
MIT-0
@mootbing
latest
Download

Nemo — MCP Tool Search Engine

Search engine for MCP tools and agent skills. Search 790+ MCP server tools and 760+ agent skills in one place, call remote MCP tools, and get full skill instructions.

Base URL: https://nemo.25chenghua.workers.dev

MCP Tools

Nemo provides three MCP tools for discovering and invoking capabilities:

  • search_tools: Search for MCP tools and agent skills by keyword. Returns compact results by default (tool name, server, title). Set detail='full' to include descriptions and input schemas. Use source to filter by type (all, mcp, skills).
  • call_tool: Call a tool on a remote MCP server by specifying the endpoint, tool name, and arguments. Response is truncated to maxResponseChars (default 10000). Tracks latency and logs usage.
  • get_skill: Get full instructions for an agent skill. Returns the complete SKILL.md content, install command, and metadata. Use after search_tools to get detailed skill instructions.

HTTP API

Nemo also exposes REST API endpoints for direct access:

Search

curl "https://nemo.25chenghua.workers.dev/api/search?q=QUERY&limit=5&detail=compact&source=all"

Each result has a type field: "mcp_tool" or "skill".

Get Skill Instructions

curl "https://nemo.25chenghua.workers.dev/api/skill/SKILL_NAME?repo=owner/repo"

Returns the complete instructions, install command, and metadata.

Call a Remote MCP Tool

curl -X POST "https://nemo.25chenghua.workers.dev/api/call" \
  -H "Content-Type: application/json" \
  -d '{"endpoint": "SERVER_URL", "tool": "TOOL_NAME", "args": {}}'

Use the serverEndpoint and toolName from search results.

Workflow

  1. Search: curl ".../api/search?q=file+conversion"
  2. If result is type: "skill" → get instructions: curl ".../api/skill/SKILL_NAME" → follow them
  3. If result is type: "mcp_tool" → call it: POST .../api/call with endpoint, tool, args

Useful for AI agents that need to discover and invoke tools dynamically across a distributed network of MCP servers and agent skills.

Comments

Loading comments...