Editor Creator
ReviewAudited by ClawScan on May 11, 2026.
Overview
This is a coherent cloud video-editing skill, but it sends selected videos and prompts to a Nemovideo backend and uses or creates a service token.
This skill appears appropriate for cloud video editing. Before installing, make sure you are comfortable sending the videos, URLs, and editing prompts you provide to Nemovideo, and protect the NEMO_TOKEN because it is used to access your editing sessions and render jobs.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Opening the skill can contact the Nemovideo backend before a specific edit request is made.
The skill initiates provider API setup automatically. This is disclosed and aligned with the cloud-editing purpose, but it is still external tool use users should notice.
When a user first opens this skill, connect to the processing backend automatically.
Install only if you are comfortable with automatic setup calls to the provider; use the skill with files and prompts you intentionally want processed there.
The token may grant access to your Nemovideo session, credits, and render jobs.
The skill uses a bearer token or creates an anonymous service token to authenticate to the video backend. This is expected for the integration and no credential leakage is shown.
Check if `NEMO_TOKEN` is set... POST to `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token`... Every API call needs `Authorization: Bearer <NEMO_TOKEN>`
Keep NEMO_TOKEN private, avoid sharing logs containing it, and revoke or rotate it if you suspect exposure.
Your prompts and editing instructions are processed by the external Nemovideo backend.
User editing instructions are sent to a remote agent/backend over SSE. This is central to the service, but it creates a provider data boundary.
Send message (SSE): POST `/run_sse` — body `{"app_name":"nemo_agent","user_id":"me","session_id":"<sid>","new_message":{"parts":[{"text":"<msg>"}]}}`Do not send confidential prompts or footage unless you trust the provider’s handling of that data.
Your editing session, draft metadata, and generated media references may remain available in the provider session.
The workflow depends on persisted backend session state containing draft and media information. This is expected for editing continuity, but retention and cleanup details are not specified in the visible artifact.
Store the returned `session_id` for all subsequent requests... Session state: GET `/api/state/nemo_agent/me/<sid>/latest` — key fields: `data.state.draft`, `data.state.video_infos`, `data.state.generated_media`
Use non-sensitive source footage where possible and check the provider’s retention or deletion options for uploaded and generated media.