Ai Image To Video Deep
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a coherent cloud image-to-video skill, with the main caveat that selected media and prompts are sent to NemoVideo using a token-backed session.
Install only if you are comfortable with NemoVideo receiving the media and prompts you choose to process. Use a dedicated token if possible, avoid uploading sensitive images unless you trust the provider's policies, and ask the agent to confirm uploads, renders, exports, or credit use when you want more control.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It may be harder for a user to verify who maintains the skill or assess the provider before uploading media.
The skill has limited publisher/provenance information even though it integrates with an external cloud service.
Source: unknown; Homepage: none
Verify that you trust the skill publisher and NemoVideo service before uploading private or valuable content.
The token can authorize actions in the NemoVideo backend, such as creating sessions, uploads, edits, renders, and credit checks.
The skill uses a bearer token or creates an anonymous token to authorize API sessions and rendering workflows.
If `NEMO_TOKEN` is in the environment, use it directly... Otherwise, acquire a free starter token... Every API call needs `Authorization: Bearer <NEMO_TOKEN>`
Use a dedicated token when possible, keep it private, and revoke or rotate it if you no longer trust the skill or service.
Images, media, prompts, and generated outputs may leave the local environment and be processed or stored by the provider.
User-selected files, URLs, prompts, and session data are sent to a third-party cloud API for processing.
**API base**: `https://mega-api-prod.nemovideo.ai` ... **Upload**: POST `/api/upload-video/nemo_agent/me/<sid>` — file: multipart
Only upload content you are comfortable sending to NemoVideo, and review the provider's privacy/retention terms for sensitive media.
During an editing/rendering task, the agent may perform provider-side workflow actions without separately explaining each internal API step.
The skill instructs the agent to convert backend GUI-style text into additional API actions, rather than only displaying those instructions to the user.
Backend says ... 'click [button]' ... Execute via API ... 'Export button' ... Execute export workflow
Ask the agent to confirm uploads, generation, exports, or credit-affecting actions if you want more explicit control.
A render job may continue or become hard to track after the user closes the session.
Provider-side render jobs can outlive the active chat/tab if they are started and then abandoned.
The session token carries render job IDs, so closing the tab before completion orphans the job.
Avoid starting unwanted jobs, wait for completion when possible, and ask whether cancellation or cleanup is available.