Skill v1.0.0
ClawScan security
Ai Subtitle Japanese · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 13, 2026, 12:41 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly does what its description says (cloud subtitle generation), but there are packaging inconsistencies and a few instruction-level behaviors (automatic anonymous token creation, derivation of headers from the local install path, and an embedded configPaths entry) that don't fully line up and deserve user attention before installing.
- Guidance: This skill will upload any video you give it to a third-party service (mega-api-prod.nemovideo.ai) to generate subtitles — that is expected for its function. Points to consider before installing:
  - Privacy: your videos (and any metadata) are sent to an external service; confirm you trust nemovideo.ai and review their privacy/retention policy.
  - Tokens: the skill accepts a NEMO_TOKEN if you provide one, but it can also auto-create an anonymous token by calling the API. If you prefer control, supply your own token rather than relying on anonymous provisioning.
  - Metadata inconsistency: the frontmatter in SKILL.md mentions a config path (~/.config/nemovideo/) that the registry listing did not — this mismatch suggests sloppy packaging and means the skill might attempt to read local config/paths. Ask the publisher to clarify whether the skill will access local config or only use the provided token.
  - Installation-path header: the skill derives X-Skill-Platform from your install path (e.g., ~/.clawhub/). That can reveal local install layout; if that concerns you, ask whether this header is required and what it is used for.

  If any of the above is unacceptable, do not install. If you proceed, prefer providing an explicit NEMO_TOKEN you control and avoid uploading sensitive videos until you verify the service's policies.
Review Dimensions
- Purpose & Capability
- note: The skill's stated purpose (upload video, generate Japanese subtitles on a cloud backend) matches the network calls in SKILL.md (uploads, SSE, render/export). However, the SKILL.md frontmatter includes a configPaths entry (~/.config/nemovideo/) whereas the registry metadata listed no config paths — this inconsistency suggests the package metadata may be sloppy or out-of-date. Requiring NEMO_TOKEN is coherent for a cloud API, but the instructions also implement an anonymous-token acquisition flow if NEMO_TOKEN is absent, which changes the credential model from 'require user-provided token' to 'auto-provision token' and should be noted.
- Instruction Scope
- note: The instructions explicitly instruct the agent to upload user-provided video files and to contact a third-party API (https://mega-api-prod.nemovideo.ai) for session creation, SSE, uploads, and exports — this is expected for the feature. Notable behaviors: (1) if NEMO_TOKEN is missing, the agent will POST to an anonymous-token endpoint and use the returned token; (2) it derives an X-Skill-Platform header from local install paths (e.g., ~/.clawhub/, ~/.cursor/skills/) — detecting or reading those paths could leak local install layout; (3) it instructs the agent to include specific attribution headers on every request (missing them causes a 402). The instructions do not ask to read unrelated files or other env vars, but the install-path detection and embedded configPaths are scope-creep signals to consider.
- Install Mechanism
- ok: Instruction-only skill with no install spec and no code files: nothing is written to disk by an install step. This is the lowest-risk install mechanism.
- Credentials
- note: Only one declared credential (NEMO_TOKEN), which is proportionate for a cloud API. However, the skill will auto-request an anonymous token if NEMO_TOKEN is absent, meaning it can obtain and use tokens without explicit user-provided secrets. The SKILL.md frontmatter also lists a configPaths entry (~/.config/nemovideo/) that is not reflected in the registry listing — if the agent actually reads that path it could access local config, which would be beyond the minimal credential need.
- Persistence & Privilege
- ok: always:false (not force-included) and no statements about modifying other skills or system-wide settings. The skill will run network calls and may be invoked autonomously (platform default), but it does not request persistent elevated privileges in the manifest.
