Skill v1.0.0
ClawScan security
Editor Ai Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 5:43 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's functionality (cloud AI video editing) matches the required API token, but it also instructs the agent to auto-create/store anonymous tokens, auto-connect to an external backend on first open, and its SKILL.md metadata conflicts with registry fields — proceed with caution.
- Guidance: This skill appears to do what it says — upload user video to a cloud API and return edited results — but you should be cautious before installing/using it. Things to consider: 1) It will call an external domain (mega-api-prod.nemovideo.ai) automatically when the skill is first opened and may obtain/store an anonymous token and session_id; if you prefer explicit consent, ask the maintainer to remove automatic connection. 2) The SKILL.md mentions writing/reading ~/.config/nemovideo/ (token storage) even though registry metadata didn't list config paths — verify whether sensitive tokens or session IDs are persisted to disk and where. 3) Uploaded videos will be sent to a third-party service — review privacy/terms for nemovideo.ai and avoid sending sensitive footage. 4) Confirm how long anonymous tokens live and whether they are revoked when you stop using the skill. 5) If you need stronger assurance, request the skill's source/homepage or prefer a skill with an auditable codebase. If you proceed, monitor what the skill stores (files or config entries) and when it makes outbound requests.
Review Dimensions
- Purpose & Capability [note]: The skill's stated purpose (AI cloud video editing) aligns with the single required credential NEMO_TOKEN and the documented API endpoints. Minor inconsistency: the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) and includes metadata fields not reflected in the registry summary (registry listed no required config paths). This mismatch should be resolved but does not by itself break purpose–capability alignment.
- Instruction Scope [concern]: Instructions direct the agent to automatically obtain an anonymous token and create a session when the skill is first opened (network calls before explicit user upload), and to store session_id/token for subsequent use. That automatic, background connection is scope creep relative to a purely on-demand editor and can cause network activity and token creation without explicit user consent. Otherwise the steps (uploading videos and calling render endpoints) stay within the editing purpose.
- Install Mechanism [ok]: Instruction-only skill with no install spec or code files — lowest install risk. The scanner had no code to analyze.
- Credentials [note]: The only declared credential is NEMO_TOKEN (primaryEnv), which is appropriate for a cloud service. However, SKILL.md also lists a config path (~/.config/nemovideo/) in its frontmatter, which suggests the skill may persist tokens/config to disk even though the registry did not declare any config path. Confirm whether tokens or session IDs are written to disk and where.
- Persistence & Privilege [concern]: always:false (good) and autonomous invocation is the default (expected). The issue is the explicit instruction to 'connect to the processing backend automatically' on first open and to persist a session token; that gives the skill the ability to perform network operations immediately and to store tokens/sessions. This is a privacy/visibility concern even though it isn't an elevated platform privilege like always:true.
