Skill v1.0.0
ClawScan security
Tom Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 7:28 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's functionality (remote AI video editing) matches the API calls it instructs, but there are inconsistencies and small privacy/scope concerns (undeclared config path usage and filesystem probing to detect install platform) that you should understand before installing.
- Guidance: This skill appears to do what it claims (remote video editing) but has a few things to consider before you install or use it:
  1. It requires or will obtain a NEMO_TOKEN and will upload your video files to mega-api-prod.nemovideo.ai — do not upload sensitive content unless you trust that service and its privacy policy.
  2. The SKILL.md references a config path (~/.config/nemovideo/) and asks the agent to detect install paths (e.g., ~/.clawhub/) to set an X-Skill-Platform header; this means the skill may probe your home directory for those paths — if you are uncomfortable with that, do not grant it access or avoid installing.
  3. If you provide an explicit NEMO_TOKEN, prefer a token with limited scope/expiry rather than long-lived cloud credentials.
  4. Because the skill is instruction-only and the source is unknown, prefer to verify the service domain (nemovideo.ai) and the skill author before giving credentials or uploading private footage.
  If you want to proceed, limit permissions on any token you supply and consider testing with non-sensitive sample videos first.
- Findings:
  - [no_regex_matches] expected: Scanner found no code-level regex matches — expected because this is an instruction-only skill (SKILL.md only). The security surface is the instructions themselves.
Review Dimensions
- Purpose & Capability (note): The skill's name/description (remote video editing) aligns with the API endpoints and actions in SKILL.md (upload, render, export). Requesting a NEMO_TOKEN is appropriate for a remote service. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) which is not reflected in the registry metadata's 'Required config paths' — an inconsistency worth noting.
- Instruction Scope (concern): Instructions ask the agent to (a) use NEMO_TOKEN if present or obtain an anonymous token from a remote endpoint, (b) upload user video files (local path or URL) to the service, and (c) include attribution headers, including detecting X-Skill-Platform by inspecting install paths like ~/.clawhub/ or ~/.cursor/skills/. That implies filesystem probing of the user's home directory and potential reading of config locations. Uploading user videos to an external service is expected for this skill, but automatic probing of install/config paths increases the privacy surface and is not fully justified in the prose.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files. Lowest installation risk — nothing is written to disk by an install step. The runtime instructions cause network calls, but no packaged code is installed by the registry.
- Credentials (note): Only NEMO_TOKEN is declared as required (primaryEnv), which is proportionate to a remote editing service. The SKILL.md also references a config path (~/.config/nemovideo/) in metadata and instructs detecting install paths for header attribution; these imply reading files or directories beyond the declared environment variable and increase the scope of data the skill may access. The skill will also obtain an anonymous token if no NEMO_TOKEN is present, which is reasonable but results in a network token exchange.
- Persistence & Privilege (ok): The always flag is false and the skill does not request elevated or permanent platform presence. There is no instruction to modify other skills or system-wide configs. That said, the skill may read user config paths and home directories to determine platform/config, which is a privacy consideration rather than a privilege escalation.
