Skill v1.0.0

ClawScan security

Text To Online · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 18, 2026, 3:22 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared purpose (convert text to videos) aligns with its API usage and single required credential, but there are small inconsistencies and vague runtime instructions (metadata vs registry, auto-detection of install path, required attribution headers) that warrant caution before installing.
Guidance
This skill largely does what it says: it calls a third‑party rendering API and needs a single service token (NEMO_TOKEN). Before installing:
1) Verify the skill's source/homepage and the domain (mega-api-prod.nemovideo.ai).
2) Ask the author to clarify the config path usage (~/.config/nemovideo/) and whether the agent will read files there.
3) Confirm how the X-Skill-Platform header is derived — auto-detection may require reading the agent's install path or filesystem; ask for a safer alternative.
4) Prefer using ephemeral/anonymous tokens (the SKILL.md supports anonymous-token flow) rather than pasting long-lived credentials.
5) If possible, test in an isolated environment, monitor network calls and token usage, and rotate any tokens provided afterward.

Review Dimensions

Purpose & Capability
note: The skill's name/description match the actions described in SKILL.md (upload text, queue cloud render jobs, download MP4). Requiring a single service token (NEMO_TOKEN) is proportionate. However, the SKILL.md frontmatter mentions a config path (~/.config/nemovideo/) while the registry reports no required config paths — this mismatch is unexplained and should be clarified.
Instruction Scope
note: Instructions are mostly scoped to interacting with the nemovideo API (session creation, SSE chat, upload, export, polling). They read the NEMO_TOKEN env var (declared) and describe anonymous-token flow. Two areas of vagueness: (1) attribution headers require an auto-detected X-Skill-Platform value derived from the install path (this implies filesystem/installation-path inspection), and (2) the metadata/configPaths entry suggests the skill may read a user config directory. The SKILL.md otherwise does not instruct broad data exfiltration, but the auto-detect and config path behavior should be confirmed.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written by an install process in the package itself.
Credentials
note: The only required environment variable is NEMO_TOKEN (declared as primaryEnv), which is appropriate for an API-backed video service. The SKILL.md also references a possible config directory (~/.config/nemovideo/) in its frontmatter; if the skill actually reads that directory it may access stored credentials or state — this should be explicitly documented. No other unrelated credentials are requested.
Persistence & Privilege
ok: The skill does not request always:true or other elevated persistence. It uses the platform-default model invocation. It does not ask to modify other skills or system-wide settings in the provided instructions.