Skill v1.0.0

ClawScan security

Video Guide · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 17, 2026, 6:56 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (cloud video editing) aligns with the single credential it requests (NEMO_TOKEN) and its runtime API calls, but there are inconsistencies in metadata (a referenced config path in the skill frontmatter that isn't declared in the registry) and the skill will upload user video files to an external API operated at mega-api-prod.nemovideo.ai — review before installing from an unknown source.
Guidance
This skill appears to be a front-end for a cloud video-editing API and will upload any files you provide to an external host (mega-api-prod.nemovideo.ai). Before installing: (1) Confirm you trust that external service: your videos and audio will leave your machine. (2) Ask the author to explain the discrepancy between the registry (no config paths) and the SKILL.md frontmatter (mentions ~/.config/nemovideo/). If that config path is actually accessed, ask what is read and why. (3) Prefer the anonymous short-lived token flow (the skill documents this) over supplying a long-lived NEMO_TOKEN if you want limited access. (4) Note the package has no homepage and an unknown source; obtain more provenance (project URL, privacy policy, contact) before broad use. If you need stronger assurance, ask the skill author to remove any local filesystem reads (install-path detection or config access) or to document exactly which local files are needed.

Review Dimensions

Purpose & Capability
note: The skill claims to perform cloud video editing and requires a single bearer token (NEMO_TOKEN) and calls media-processing endpoints on mega-api-prod.nemovideo.ai; that is coherent. However, the SKILL.md frontmatter includes a required config path (~/.config/nemovideo/) whereas the registry metadata reported no config paths; this mismatch should be clarified.
Instruction Scope
note: The runtime instructions are explicit about starting sessions, uploading files, streaming SSE, and polling render endpoints, all within the advertised purpose. The skill also instructs the agent to (a) read its own YAML frontmatter for attribution headers and (b) detect the install path (~/.clawhub/, ~/.cursor/skills/) to set X-Skill-Platform; both require reading local filesystem paths. These filesystem reads are plausible for attribution but expand the scope beyond pure network calls and should be documented and justified by the author.
Install Mechanism
ok: No install spec and no code files are present; this is an instruction-only skill. That is low-risk from an install-execution perspective because nothing is downloaded or executed locally by the installer.
Credentials
note: Only one credential is declared (NEMO_TOKEN) and it maps to the external API used by the skill, which is proportionate. The frontmatter's mention of a config path (~/.config/nemovideo/) is unexpected relative to the registry data and would grant the skill access to local service config if honored; that is disproportionate unless the skill genuinely needs that local config. Also note the skill will upload user video/audio files to a third-party service, which is expected for the function but is a privacy consideration.
Persistence & Privilege
ok: The skill does not request always:true and does not declare modifications to other skills or system-wide settings. It can be invoked autonomously (the default), which is normal; consider this when granting an unknown skill permission to run.