No Login Video Generation
AdvisoryAudited by Static analysis on May 5, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may send generation requests, upload files, and start exports on the video service when you ask it to create or edit a video.
The skill exposes multiple remote API operations for upload, generation, state polling, credits, and export. These operations fit the video-generation purpose, but they can consume service credits and start remote rendering jobs.
Endpoint | Method | Purpose ... `/run_sse` ... `/api/upload-video/nemo_agent/me/<sid>` ... `/api/render/proxy/lambda`
Use the skill only for files and prompts you intend to process in the cloud, and confirm export or credit-consuming actions when the result matters.
Anyone with the token may be able to use the associated credits/session until it expires or is revoked.
The skill requires a bearer token for the NemoVideo backend. This is expected for the service integration and the artifact also instructs not to expose the token.
Every API call needs `Authorization: Bearer <NEMO_TOKEN>`
Keep NEMO_TOKEN private, avoid pasting it into chat, and rotate or remove it if you no longer use the service.
Your uploaded images, videos, audio, and text prompts may be processed and retained according to the backend provider's policies.
The skill clearly sends user prompts and uploaded media to a third-party cloud backend for server-side rendering. This is central to the purpose, but it is a sensitive data flow.
Send me your text prompts or images ... All rendering happens server-side.
Do not upload confidential, regulated, or private media unless you trust the NemoVideo service and understand its data handling terms.