Skill v1.0.0

ClawScan security

Candy Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 13, 2026, 8:33 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared purpose (cloud video editing) matches its runtime instructions, but there are small inconsistencies and a couple of scope creep signals (implicit filesystem probing and mismatched metadata) that merit review before install.
Guidance
This skill appears to do what it claims (upload your media to a NemoVideo backend and return edited videos) and only needs a NEMO_TOKEN. Before installing, confirm: 1) where NEMO_TOKEN comes from and what permissions it grants; 2) whether you are comfortable the skill will upload any video/image you provide to https://mega-api-prod.nemovideo.ai; 3) why the SKILL.md lists a local config path (~/.config/nemovideo/) and asks to detect install paths — ask the author to clarify whether the skill will read or write files there. Avoid sending sensitive personal footage until you verify the service's privacy/retention policy and the token's scope. If you need higher assurance, request an explicit manifest from the author showing exactly which local paths are read and whether any data is stored locally.

Review Dimensions

Purpose & Capability
note: Name/description (AI companion video generation) align with the endpoints, flows, and headers in SKILL.md. Requesting a single API credential (NEMO_TOKEN) is expected for a cloud API-backed video service. However, SKILL.md's YAML frontmatter declares a configPath (~/.config/nemovideo/) while the registry metadata said there are no required config paths — an internal inconsistency.
Instruction Scope
concern: Instructions are mostly scoped to uploading user media and controlling the remote render API (expected). But the doc tells the agent to detect install paths (e.g. check for ~/.clawhub/ or ~/.cursor/skills/) and references a local config path (~/.config/nemovideo/). Those steps imply the agent may probe filesystem locations that were not declared as required in the registry metadata; this is scope creep and should be confirmed as necessary.
Install Mechanism
ok: There is no install spec and no code files (instruction-only). That minimizes install-time risk — nothing is downloaded or written to disk by an installer.
Credentials
note: Only NEMO_TOKEN is required (declared as primary credential), which is proportionate for a remote API. The skill also instructs acquiring an anonymous token if none is present; that behavior is reasonable but means the agent may fetch and use temporary credentials on the user's behalf. No other unrelated secrets are requested.
Persistence & Privilege
ok: always:false and no special persistence actions are requested. The skill can be invoked autonomously (platform default) but it does not request elevated persistent presence or modify other skills' configs.