Skill v1.0.0
ClawScan security
Ai Text Video Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 26, 2026, 12:09 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's behavior largely matches a text-to-video cloud service (it needs a NEMO_TOKEN and calls nemovideo endpoints), but there are a few incoherences and scope-creep details you should review before installing.
- Guidance
- What to consider before installing:
  - This skill calls an external service (mega-api-prod.nemovideo.ai) and uploads any files or text you give it. Don't send sensitive or private content unless you trust that service and have reviewed its terms and privacy policy.
  - The skill expects a NEMO_TOKEN; if you don't provide one, it obtains an anonymous token by POSTing a generated client UUID to the vendor endpoint, so network contact happens either way. Use a disposable token if you want to limit exposure.
  - The SKILL.md asks the agent to read the skill file's YAML frontmatter and to detect the install path in order to set attribution headers, which means the agent will inspect its installation location and local skill metadata. If you are uncomfortable with any local filesystem reads, ask the author why this is needed or decline installation.
  - There is an inconsistency between the registry summary (no required config paths) and the SKILL.md metadata (which mentions ~/.config/nemovideo/). Ask the publisher to clarify which local paths the skill will access.
  - Because this is instruction-only (no code install), the main risk is data exfiltration over the network, not supply-chain code execution. To be safer, test with non-sensitive inputs first and verify the actual requests (headers, endpoints) the agent makes; consider an anonymous or disposable token, or network isolation, if possible.
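The last point above asks you to verify the requests the agent actually sends. The following is an added example of how to do that check, written for this review and not part of ClawHub or the skill. It assumes you have already captured the agent's outbound HTTP traffic (for instance through a logging proxy) as a list of dicts with method, url, headers and body. It then flags anything the verdict tells you to look for: calls to hosts other than mega-api-prod.nemovideo.ai, headers or bodies that carry a local install or config path (~/.clawhub, ~/.cursor, ~/.config), and the client UUID of the anonymous-token flow, while masking the token before anything is printed. The sample capture, the URL paths, and the header names (X-Skill-Origin, X-Nemo-Token) are constructed for illustration and are not taken from the skill.

```python
"""Audit a captured set of outbound requests made by a skill before trusting it.

Added example for this review; not code from ClawHub or the skill under review.
The sample capture below is constructed: its URL paths and custom header names
are hypothetical, only the host comes from the scanner summary.
"""
import re
from urllib.parse import urlparse

# The only host the skill has a stated reason to contact.
ALLOWED_HOSTS = {"mega-api-prod.nemovideo.ai"}
# Header names that may carry the NEMO_TOKEN (names are assumptions).
SECRET_HEADERS = {"authorization", "x-api-key", "x-nemo-token"}
# Install/config locations the SKILL.md tells the agent to detect, per the review.
LOCAL_PATH_RE = re.compile(
    r"(?:~|/home/[^/\s]+|/Users/[^/\s]+)/\.(?:clawhub|cursor|config)"
)
UUID_RE = re.compile(
    r"\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b", re.I
)


def redact_headers(headers: dict) -> dict:
    """Return a copy of the headers with secret values masked; keep the scheme."""
    out = {}
    for name, value in headers.items():
        if name.lower() in SECRET_HEADERS:
            out[name] = f"{value.split(' ', 1)[0]} ****" if " " in value else "****"
        else:
            out[name] = value
    return out


def audit_request(req: dict) -> list[str]:
    """Flag, for one captured request, what the scanner guidance says to check."""
    findings = []
    host = (urlparse(req["url"]).hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        findings.append(f"unexpected host: {host}")
    for name, value in req.get("headers", {}).items():
        if LOCAL_PATH_RE.search(value):
            findings.append(f"header {name} carries a local install/config path")
    body = req.get("body", "")
    if LOCAL_PATH_RE.search(body):
        findings.append("body carries a local install/config path")
    if UUID_RE.search(body):
        findings.append("body sends a client UUID (expected for the anonymous-token flow)")
    return findings


def audit_capture(requests: list[dict]) -> dict:
    """Audit a whole capture; returns {index: findings} for requests worth a look."""
    result = {}
    for i, req in enumerate(requests):
        findings = audit_request(req)
        if findings:
            result[i] = findings
    return result


# Constructed sample capture (paths and custom header names are hypothetical).
SAMPLE_CAPTURE = [
    {   # anonymous-token request: client UUID in the body, no token yet
        "method": "POST",
        "url": "https://mega-api-prod.nemovideo.ai/anon-token",
        "headers": {"Content-Type": "application/json"},
        "body": '{"client_id": "3f2504e0-4f89-11d3-9a0c-0305e82c3301"}',
    },
    {   # session creation: token plus an attribution header that leaks the install path
        "method": "POST",
        "url": "https://mega-api-prod.nemovideo.ai/session",
        "headers": {
            "Authorization": "Bearer nemo_live_0123456789abcdef",
            "X-Skill-Origin": "/home/alice/.clawhub/skills/ai-text-video/SKILL.md",
        },
        "body": '{"prompt": "a cat surfing at sunset"}',
    },
    {   # a call to a host the skill has no stated reason to contact
        "method": "GET",
        "url": "https://telemetry.example.net/ping",
        "headers": {},
        "body": "",
    },
]

if __name__ == "__main__":
    for i, findings in audit_capture(SAMPLE_CAPTURE).items():
        req = SAMPLE_CAPTURE[i]
        print(req["method"], req["url"], redact_headers(req["headers"]))
        for finding in findings:
            print("  -", finding)
```

Run it against your own capture instead of SAMPLE_CAPTURE; a request that returns no findings is one that only talks to the declared host, carries no local path, and does not need attention beyond confirming the token is the disposable one you intended.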
Review Dimensions
- Purpose & Capability
- note: Name and description match the required network calls and the service token (NEMO_TOKEN). However, the SKILL.md metadata requests a config path (~/.config/nemovideo/) and instructs the agent to detect the install path and read this file's YAML frontmatter for attribution. These file-system checks are not strictly necessary for basic text-to-video functionality and are inconsistent with the published registry entry ('Required config paths: none').
- Instruction Scope
- concern: Runtime instructions cover normal API flows (token use and renewal, session creation, upload, SSE polling, render/export). But the skill explicitly tells the agent to read its own YAML frontmatter and to detect the install path (e.g., ~/.clawhub/ or ~/.cursor/skills/) to set attribution headers. That requires file-system and installation-path access beyond just calling the external API and could reveal local environment details or paths to the backend. The SKILL.md also asks the agent to 'keep the technical details out of the chat', which reduces transparency about what is sent to the backend.
- Install Mechanism
- ok: Instruction-only skill with no install spec or code files; nothing will be downloaded or written to disk by an installer. This is lower risk from a supply-chain/install perspective.
- Credentials
- note: Only one declared credential (NEMO_TOKEN), which is appropriate for a cloud video API. The SKILL.md also defines an anonymous-token flow that generates a client UUID and fetches a temporary token from the external endpoint; this is expected but worth noting. The mismatch between the registry metadata (no config paths) and the SKILL.md metadata (which includes ~/.config/nemovideo/) is an incoherence to clarify.
- Persistence & Privilege
- ok: Skill is not forced-always; autonomous invocation is allowed (platform default). The skill does create ephemeral sessions and tokens on the backend and may leave server-side render jobs running if a client disconnects (noted in the docs). This is expected for this type of service and is not an escalation of local privileges.
