Skill v1.0.0
ClawScan security
Editor Background · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 4:19 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions mostly match a cloud video-background service and the single required credential (NEMO_TOKEN) is expected, but there are inconsistent metadata declarations and a few instructions that require the agent to read local install/config paths which are not clearly necessary — this mismatch warrants caution.
- Guidance: This skill appears to implement a normal cloud video-background workflow and legitimately needs an API token (NEMO_TOKEN) to call the external service. Before installing or invoking it:
  - Prefer using an ephemeral or anonymous token (the skill can fetch a 7-day free token) rather than pasting long-lived personal credentials.
  - Be cautious about uploading sensitive video content: uploads go to an external domain (mega-api-prod.nemovideo.ai). Verify the service reputation and privacy/retention policies.
  - Note the metadata inconsistency: SKILL.md asks the agent to inspect install paths and a config directory (~/.config/nemovideo/) while registry metadata did not declare required config paths. Ask the publisher to explain why the skill needs to probe these local paths.
  - If you are uncomfortable with filesystem probing, avoid granting this skill access to your environment, or run it in a restricted environment/container.
  If the publisher can confirm that reading SKILL.md frontmatter is the only local read and that no other user files or configs are accessed, the concerns are reduced. If they cannot, treat the config-path/installation detection behaviour as a potential privacy risk.
Review Dimensions
- Purpose & Capability: ok. Name/description claim cloud-based background replacement for uploaded videos. The declared primary env (NEMO_TOKEN) and the API endpoints in SKILL.md are consistent with that purpose; upload, session, SSE, render and download flows are all expected for a cloud render service.
- Instruction Scope: concern. The runtime instructions include normal API flows (auth, create session, upload, SSE, poll render). However, they also instruct the agent to read this file's YAML frontmatter for attribution and to detect an install path (e.g., ~/.clawhub/ vs ~/.cursor/skills/) to set X-Skill-Platform. Detecting the install path or reading arbitrary config locations may require probing the user's filesystem beyond what's strictly needed to call the service and is scope creep.
- Install Mechanism: ok. Instruction-only skill with no install spec or code files; it does not write or execute files on disk by itself. This is the lowest install risk.
- Credentials: concern. Only NEMO_TOKEN is declared as required (appropriate for a third-party API). But SKILL.md frontmatter also lists configPaths ("~/.config/nemovideo/") and the runtime text instructs checking install paths — the registry metadata you provided showed no required config paths. This inconsistency is unexplained and implies the skill may attempt to read local configuration that isn't justified by the stated purpose.
- Persistence & Privilege: ok. always is false and the skill does not request elevated or persistent platform privileges. It does not instruct modifying other skills or system-wide settings.
