Skill v1.0.0

ClawScan security

Ai Subtitle In Vlc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Reviewed Apr 12, 2026, 9:08 PM
Verdict
Review
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions mostly match its stated purpose (cloud subtitle generation) and only need a single API token, but there are metadata inconsistencies and privacy implications you should understand before uploading videos or supplying credentials.
Guidance
This skill appears to do what it says: it uploads videos to nemo's cloud API, generates burned-in subtitles, and returns a downloadable MP4. Before installing or using it:
(1) Confirm the metadata discrepancy about ~/.config/nemovideo/ by asking the author whether the agent will read local config files.
(2) Do NOT upload sensitive or private videos unless you trust the external service and its privacy policy, because files are sent to mega-api-prod.nemovideo.ai.
(3) Only provide a NEMO_TOKEN you control, and rotate it if you later revoke access.
(4) Be aware that the skill will POST to an external endpoint and may obtain anonymous tokens if no NEMO_TOKEN is present (these tokens grant temporary credits).
(5) If you need higher assurance, request the skill owner/publisher info (homepage, source) or a signed manifest clarifying required env/config access before using it with sensitive data.

Review Dimensions

Purpose & Capability
note
Name and description (generate and embed subtitles) align with the runtime instructions, which call a single backend (mega-api-prod.nemovideo.ai) and require NEMO_TOKEN. However, the frontmatter inside SKILL.md declares a required config path (~/.config/nemovideo/) while the registry metadata reported no required config paths; this mismatch is inconsistent and should be clarified.
Instruction Scope
ok
Instructions explicitly describe uploading user video files to the named cloud service, creating sessions, using SSE, polling render endpoints, and returning a download URL. The instructions do not ask the agent to read unrelated local files or other environment variables beyond NEMO_TOKEN (except the noted configPath in frontmatter). The expected behavior (uploading videos and using returned URLs) is within the stated purpose, but it does involve sending user video/audio to an external service.
Install Mechanism
ok
This is an instruction-only skill with no install spec or code files, so nothing is written to disk by an installer. That lowers supply-chain risk.
Credentials
note
The only declared credential is NEMO_TOKEN (primaryEnv), which is appropriate for a cloud API. The SKILL.md also references a config path (~/.config/nemovideo/) in its frontmatter metadata; the registry listing omitted that path. If the skill actually requires reading that local config path, that would increase privilege and should be justified. Otherwise the mismatch looks like sloppy metadata.
Persistence & Privilege
ok
The skill is not always-enabled and is user-invocable. It does not request elevated persistent privileges or permission to modify other skills. Autonomous invocation is allowed (platform default) but is not combined with other high-risk flags.