Skill v1.0.0
ClawScan security
Video For Social · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Apr 29, 2026, 4:21 PM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requested credential and network calls match its stated purpose (server-side video editing), but the registry metadata and the runtime instructions are inconsistent, and the skill will transmit user media off-device and mint an anonymous token on your behalf if none is configured. Users should weigh the privacy and data-exfiltration risk before installing.
- Guidance: This skill uploads your video and audio files to mega-api-prod.nemovideo.ai and either uses an existing NEMO_TOKEN or automatically requests a short-lived anonymous token for you. Before installing, consider:
  - Privacy: you are sending media to a third-party service. Do not upload sensitive content until you have verified the provider's privacy policy and trustworthiness.
  - Transparency: the skill's instructions tell the agent not to display raw API responses or token values, so you may not see what is transmitted.
  - Metadata mismatch: the registry and SKILL.md disagree about required config paths and token behavior. Ask the maintainer which declaration is authoritative.
  - Test first: try the skill with a small, non-sensitive clip to confirm its behavior.
  If you need stronger guarantees, request the service's privacy and retention policy, or avoid skills that automatically mint credentials and transmit your files.
Review Dimensions
- Purpose & Capability
  - note: The skill claims server-side AI video editing, and its network endpoints, file formats, and token usage are consistent with that purpose. However, the registry metadata and the SKILL.md disagree: the skill declares NEMO_TOKEN as required, yet the runtime instructions include an automatic anonymous-token flow (the agent will POST to an auth endpoint to mint a token if none is present). The SKILL.md frontmatter also lists a config path (~/.config/nemovideo/), while the registry's declared 'Required config paths' is empty. The maintainer should clarify which declaration is authoritative.
- Instruction Scope
  - concern: The instructions direct the agent to upload user video, audio, and image files (up to 500MB) to a third-party domain (mega-api-prod.nemovideo.ai) and to authenticate automatically over the network if no token is present. Sending user media off-device is necessary for the described service, but it is a privacy and data-exfiltration risk that the instructions do not surface to users. The SKILL.md also instructs the agent not to show raw API responses or token values to users, which reduces transparency about what is sent and received.
- Install Mechanism
  - ok: This is an instruction-only skill with no install spec or code files, so nothing is written to disk by an installer. That is low risk from an install and execution perspective.
- Credentials
  - note: Only one credential (NEMO_TOKEN) is declared, which is proportionate for a third-party API. However, the SKILL.md provides a fallback anonymous-token minting flow, which makes the declared 'required' env var partially redundant; this discrepancy should be clarified. The skill also expects to read its own frontmatter and infer install paths for attribution headers, which may require access to certain filesystem paths (but not broad credentials).
- Persistence & Privilege
  - ok: The skill is not always-enabled and does not request elevated persistence or system-wide changes. It does instruct the agent to store a session_id for ongoing requests (normal for session-based APIs) but does not ask to modify other skills or system settings.
