Skill v1.0.0

ClawScan security

What Is Ai Image · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 16, 2026, 6:32 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions largely match its stated goal (upload an image and get a rendered MP4 via a cloud API), but there are small inconsistencies and privacy/opacity concerns (unknown source, external service, and a mismatch about config-path requirements) that merit caution before installing.
Guidance
This skill appears to do what it says (send images to a cloud renderer and return a video), but exercise caution before installing or using it:
- Source and provenance: There is no homepage or source repo. If you don't trust the publisher, avoid sending sensitive images.
- External network traffic: The skill uploads files and metadata to https://mega-api-prod.nemovideo.ai — review that service's privacy and retention policy if possible. Uploaded images and derived video will leave your machine.
- Token handling: The skill accepts a NEMO_TOKEN environment variable or creates an anonymous token for you. Treat NEMO_TOKEN like a secret; prefer using an ephemeral/anonymous token instead of a long-lived credential. The skill instructs saving session IDs — consider how long sessions persist and whether orphaned jobs consume resources.
- Filesystem access: The SKILL.md references detecting install paths and a config path (~/.config/nemovideo/) in its metadata even though the registry summary did not declare a required config path; ask the author to clarify whether the skill reads your home directory or config files.
- If you need stronger assurance: request the skill's source or a published homepage, confirm the exact data retention policy for uploads, and ask for clarification about the configPaths/install-path detection. If the skill later requested other unrelated credentials, system-wide installs, or an install script that downloads and executes code from an untrusted URL, treat that as a higher-risk change.

Review Dimensions

Purpose & Capability
ok · The skill's name/description (turn images into explained 1080p videos) aligns with the API calls and workflows in SKILL.md (session creation, upload, render/export). Requiring a NEMO_TOKEN and the documented endpoints is coherent with the stated purpose.
Instruction Scope
note · Instructions are prescriptive about API calls, SSE usage, uploads, and export polling, which is expected. However, the skill instructs the agent to detect the install path (to set an X-Skill-Platform header) and to save session_id and reuse tokens; detecting the install location or reading home directories is not strictly necessary for core functionality and expands the agent's filesystem access. SKILL.md also instructs not to print tokens or raw JSON (good), but overall the agent will transmit user-uploaded images and derived metadata to an external service.
Install Mechanism
ok · No install spec and no code files — instruction-only — so nothing will be written to disk by an installer. This is the lowest install-risk category.
Credentials
note · Only NEMO_TOKEN is declared as required, which is proportionate to a cloud-rendering service. However, SKILL.md metadata contains a configPaths entry (~/.config/nemovideo/) that wasn't listed in the registry summary; that mismatch is an inconsistency to confirm. The skill also offers an anonymous-token flow (tokens are created server-side), which is expected but means tokens and uploads will be sent to the external API.
Persistence & Privilege
ok · The skill is not always-enabled and does not request persistent installation privileges. It asks to save session_id for the session lifecycle, which is normal for a long-running job workflow; there's no evidence it tries to modify other skills or system-wide config.