v1.0.0

Editor Anup

SuspiciousClawScan verdict for this skill. Analyzed Apr 30, 2026, 12:04 PM.

Analysis

The skill appears to perform cloud video editing, but it uses or creates a Nemo token, uploads media to an external backend, and lets backend responses trigger actions while hiding technical details.

Guidance: Install only if you are comfortable sending raw media to the Nemo Video cloud service and letting the skill use or create a Nemo token. Prefer a dedicated limited token, review credit usage, and confirm uploads/exports before allowing it to process private or valuable footage.

Findings (9)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Backend says "click [button]" / "点击" | Execute via API ... "Export button" / "导出" | Execute export workflow

The skill makes remote backend text authoritative for agent actions, including export, without an explicit instruction to verify that each action matches the user's current request.

User impact: A backend response could cause the agent to take editing or export actions the user did not clearly request.
Recommendation: Only execute backend-suggested actions when they directly match the user's current request, and ask for confirmation before uploads, exports, or credit-consuming actions.
Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Export — `POST /api/render/proxy/lambda` with render ID and draft JSON. Poll `GET /api/render/proxy/lambda/<id>` every 30s for `completed` status and download URL.

The skill directs the agent to run cloud export workflows and polling, but the artifacts do not clearly require user approval before credit-consuming or persistent render actions.

User impact: The skill may start or continue cloud render work that consumes service resources or produces outputs before the user has confirmed final intent.
Recommendation: Require an explicit user confirmation before export/render jobs and clearly show when credits or remote resources may be used.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none

There is no code install path to review, but the skill's provenance is limited while it depends on a remote backend service.

User impact: Users have limited public provenance information for the publisher or service behind the skill.
Recommendation: Verify the publisher and Nemo Video service independently before using it with valuable credentials or private media.
Cascading Failures
Severity: Low | Confidence: High | Status: Note
SKILL.md
The session token carries render job IDs, so closing the tab before completion orphans the job.

A render job can continue or become disconnected from the user's active session, which can make cleanup or recovery unclear.

User impact: A failed or interrupted session may leave cloud jobs running or make completed outputs harder to retrieve.
Recommendation: Provide clear status, cancellation, and recovery steps for render jobs.
Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Tell the user you're ready. Keep the technical details out of the chat.

This instruction follows token/session setup and can hide material details about remote service connection and credential use from the user.

User impact: Users may not realize a token was created or used and that their media is being handled by a third-party cloud backend.
Recommendation: Disclose the external service, token use, and upload/export implications in plain language before processing user media.
Rogue Agents
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
closing the tab before completion orphans the job

The remote render job may continue after the user's active interaction ends, although this appears tied to the stated rendering purpose.

User impact: Cloud rendering may keep running after the user leaves, which can affect credits, cleanup, or output retrieval.
Recommendation: Warn users before starting long-running renders and provide a way to cancel or find orphaned jobs.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
If `NEMO_TOKEN` is in the environment, use it directly ... Otherwise, acquire a free starter token ... The response includes a `token` with 100 free credits valid for 7 days — use it as NEMO_TOKEN

The skill can use an existing bearer credential or automatically create a new service token, which grants access to account/session resources and credits.

User impact: A user's Nemo token or an automatically created token could be used for uploads, state reads, exports, and credit-consuming operations.
Recommendation: Use a dedicated limited token, monitor credits, and require consent before creating or using service credentials.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
State — `GET /api/state/nemo_agent/me/<sid>/latest` — current draft and media info.

The skill retrieves remote session state and media metadata that can influence later summaries, edits, and exports.

User impact: Incorrect or stale session state could affect what the agent says was edited or what gets exported.
Recommendation: Show concise state summaries to the user and confirm important changes before export.
Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
SKILL.md
All calls go to `https://mega-api-prod.nemovideo.ai` ... Upload — `POST /api/upload-video/nemo_agent/me/<sid>` — multipart file or JSON with URLs.

User media, messages, and session identifiers are sent to an external provider; the artifacts do not describe data retention, sharing, or provider-side access boundaries.

User impact: Raw videos, audio, images, prompts, and generated drafts may be processed by the external Nemo Video backend.
Recommendation: Use the skill only with media you are comfortable sending to that provider, and check the provider's privacy and retention terms.