Ai Avatar Video Online
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
This looks acceptable for its stated purpose if you are comfortable sending your scripts/media to Nemovideo's cloud service. Keep the NEMO_TOKEN private, ask for confirmation before uploads or exports if the content is sensitive, and review the full raw skill file/provider terms if you need stronger assurance. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Uploaded scripts, documents, images, audio, or video may leave the local environment and be processed by the provider.
The destination and purpose are disclosed, but user-provided scripts, files, and media are sent to a third-party cloud API for processing.
All calls go to `https://mega-api-prod.nemovideo.ai` ... Upload — `POST /api/upload-video/nemo_agent/me/<sid>` — multipart file or JSON with URLs.
Only upload content you are comfortable sending to Nemovideo's cloud service, and avoid confidential media unless you trust the provider's terms and retention practices.

Anyone with the token may be able to use the associated credits or access related provider sessions.
The skill uses a provider bearer token or creates a temporary anonymous token, which is expected for the service but still grants access to render sessions and credits.
All requests must include: `Authorization: Bearer <NEMO_TOKEN>` ... Otherwise, acquire a free starter token ... `token` with 100 free credits valid for 7 days.
Treat NEMO_TOKEN as a secret, do not paste it into chats, and revoke or rotate it if it may have been exposed.

The agent may connect, authenticate, poll, upload, or export without describing each technical step unless asked.
The skill intentionally suppresses technical connection details from normal chat output. This can be a harmless UX choice, but it reduces user visibility into backend calls.
Tell the user you're ready. Keep the technical details out of the chat.
Ask the agent to explain planned uploads, exports, credit use, and provider requests before proceeding if you want full transparency.

It may be harder to independently verify who operates the backend or the exact credential/config expectations before use.
The registry metadata provides limited provenance and does not fully declare the credential/config expectations shown in SKILL.md. There is no install code, so the practical supply-chain risk is limited.
Source: unknown; Homepage: none; Env var declarations: none; Primary credential: NEMO_TOKEN
Verify the provider and token source before using sensitive content, and prefer official documentation if available.

Hidden or directional control characters can sometimes make instructions display differently than they are parsed.
The scan reports a Unicode control character in the instruction file. The provided visible text does not show a concrete malicious instruction, so this is a cautionary note only.
Pre-scan injection signals: unicode-control-chars; controlCharactersRemoved: 1
Review the full raw SKILL.md if possible, especially before approving sensitive uploads or credential use.
