Skill v1.0.0
ClawScan security
Maker Free Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 7:26 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions line up with a cloud-based AI video service and its single declared credential (NEMO_TOKEN) is proportionate, but missing publisher information and a metadata inconsistency about config paths (plus long-lived SSE/upload behavior) leave open questions you should resolve before installing.
- Guidance: This skill looks like a normal cloud video creation integration, but before installing you should: 1) confirm the publisher or a homepage/source code so you can verify who runs mega-api-prod.nemovideo.ai; 2) ask whether the agent will read ~/.config/nemovideo/ (and what it contains) and whether any local files beyond user-uploaded media will be accessed; 3) prefer using a throwaway/anonymous token (the SKILL.md provides an anonymous-token flow) rather than a long-lived personal credential; 4) avoid uploading sensitive or private files (IDs, unreleased assets) until you trust the service; 5) consider network and storage implications of uploading large files and long-lived SSE streams; and 6) revoke any token after use or set a short expiry if possible. If the publisher/source code or clarifying documentation is provided, re-evaluating could raise confidence to benign.
Review Dimensions
- Purpose & Capability (note): Name/description describe cloud video creation and the SKILL.md exclusively calls a nemo-video API and file upload endpoints — asking for NEMO_TOKEN is coherent. However, registry metadata (required config paths: none) disagrees with the skill frontmatter (metadata lists ~/.config/nemovideo/), which is an inconsistency to clarify.
- Instruction Scope (note): Runtime instructions are focused on session creation, SSE streaming, uploads, and exports to the specified API — all expected for a render-as-a-service video tool. Points to watch: the skill directs generating/saving a token if none exists, long-lived SSE connections (up to 15 minutes) and uploads of large files (up to 500MB). The frontmatter implies detecting an install path / config path for platform/version attribution, which could require reading agent install/config locations; the doc does not explicitly justify reading arbitrary config beyond the nemo config directory.
- Install Mechanism (ok): Instruction-only (no install spec, no code files). This is lower-risk because nothing is written or downloaded by an automated installer. Network calls will still occur at runtime.
- Credentials (note): Only NEMO_TOKEN is declared (primaryEnv). That is proportionate for a hosted API. The skill also provides an anonymous-token flow to generate a temporary token, so it does not strictly require pre-existing secrets. The implicit frontmatter configPaths (~/.config/nemovideo/) suggests the agent may look for locally stored tokens/config — reasonable but not documented in the instruction steps, creating ambiguity about what local files will be read.
- Persistence & Privilege (ok): always:false and normal autonomous invocation settings. The skill asks the agent to save a session_id/token for the session lifecycle (expected). It does not request always:true or system-wide config modifications.
