Skill v1.0.0

ClawScan security

Image To Video Explicit Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 13, 2026, 6:57 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly matches its stated purpose (upload images and call a cloud video-rendering API) but has several inconsistencies and privacy/fingerprinting behaviors that warrant caution before installation.
Guidance
This skill will upload any images you give it (including explicit adult images) to an external service at mega-api-prod.nemovideo.ai and will create or use a NEMO_TOKEN credential for that service. There is no installable client to inspect and the skill's origin/homepage are unknown. Before installing:
(1) only use it with images you are comfortable uploading to a third party;
(2) do not upload images of minors or anything you are not legally allowed to share;
(3) be aware the skill may fingerprint your environment (it derives a platform header from install paths) and will create anonymous tokens if none are provided;
(4) prefer skills with a known source or an inspectable client;
(5) if you must proceed, verify the remote domain and its privacy/terms, and avoid setting persistent credentials unless you trust the service.

Review Dimensions

Purpose & Capability
note: The name/description (image → video, including explicit adult content) aligns with the instructions to upload images and call a cloud rendering API that returns MP4s. However, the SKILL.md metadata requests a configuration path (~/.config/nemovideo/) while the registry metadata lists no required config paths — an inconsistency in declared surface area. The skill's source/homepage are unknown, which increases the risk of relying on an external service without provenance.
Instruction Scope
concern: The runtime instructions tell the agent to: check NEMO_TOKEN, and if missing generate a UUID and call an external anonymous-auth endpoint to create a token; create sessions, upload local files (multipart) or URLs, and poll render endpoints. These actions necessarily transmit user images (including explicit content) to an external domain. The instructions also direct the agent to derive an attribution header by probing the agent's install path (fingerprinting the environment). Those behaviors go beyond simple local processing and have clear privacy/exfiltration risk; they are coherent with the stated purpose but raise concerns about unintended data disclosure and environment fingerprinting.
Install Mechanism
ok: No install spec and no code files are present (instruction-only). That reduces surface risk from arbitrary downloaded code, but it also means there is no inspectable client implementation; runtime behavior depends wholly on the agent following these instructions to contact the external API.
Credentials
concern: The skill only needs a single credential (NEMO_TOKEN), which is appropriate for a cloud API. However, the SKILL.md metadata includes a configPaths entry (~/.config/nemovideo/) that is not declared in the registry metadata — inconsistent. The skill also instructs the agent to produce an anonymous token if NEMO_TOKEN is absent, which is logical but means the skill will unilaterally create and store credentials and will upload user-provided files to a remote service. These actions are proportionate for the stated function but carry privacy and credential-handling implications that users should understand.
Persistence & Privilege
ok: always: false, and the skill does not request special system privileges. It instructs keeping a session_id for the session lifecycle (normal). No instructions to modify other skills or global agent configuration were found.