Linkedin Editor Ai
v1.0.0Cloud-based linkedin-editor-ai tool that handles editing and optimizing videos for LinkedIn posts and profiles. Upload MP4, MOV, AVI, WebM files (up to 500MB...
⭐ 0· 62·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (LinkedIn video editing) matches the runtime instructions (uploading video files, creating sessions, rendering on a remote service). Requesting a NEMO_TOKEN for API auth is proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to obtain an anonymous token if NEMO_TOKEN is missing, create sessions, upload local files, and poll rendering endpoints via the nemovideo.ai API. Those actions are expected for a cloud video editor, but they do require the agent to access user-provided local file paths for uploads and to make outbound network calls to mega-api-prod.nemovideo.ai. The skill explicitly advises not to expose raw API responses or token values to users.
Install Mechanism
No install spec or downloaded code is present; this is instruction-only, so nothing is written to disk by an installer step.
Credentials
Only a single credential (NEMO_TOKEN) is declared as required, which is appropriate. However, the YAML frontmatter includes a configPaths entry (~/.config/nemovideo/) while registry metadata lists none — a small inconsistency that could imply the skill expects to read or store config under that path. The SKILL.md itself doesn't instruct broad access to unrelated credentials.
Persistence & Privilege
always is false and the skill does not request system-wide privileges. It instructs storing a session_id for API use, which is normal for a session-based API client.
Assessment
This skill appears to do what it says: it uploads user video files to a nemovideo.ai backend, creates a short-lived anonymous token if you don't provide one, and returns a processed video URL. Before installing, consider: (1) privacy — uploaded videos leave your device and are processed on mega-api-prod.nemovideo.ai; do not upload sensitive footage you don't want transmitted. (2) Token handling — the skill may auto-generate and use an anonymous token (valid ~7 days); if you prefer control, set your own NEMO_TOKEN. (3) Local file access — the agent will need to read file paths you ask it to upload. (4) Metadata inconsistency — the frontmatter references ~/.config/nemovideo/ though registry metadata shows no required config paths; be cautious if the skill starts writing files there. If any of these are unacceptable, do not install or restrict uploads and credentials accordingly.Like a lobster shell, security has layers — review code before you run it.
latestvk97dt9w4knhnxf48ctmwft3j4184kysc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
💼 Clawdis
EnvNEMO_TOKEN
Primary envNEMO_TOKEN