Skill v1.0.0
ClawScan security
Ai Video Face · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 4:56 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary
- The skill's requested credential (NEMO_TOKEN) and API usage match its video face-editing purpose, but there are small metadata/instruction mismatches and missing publisher information that warrant caution before installing.
- Guidance
- This skill generally behaves like a normal cloud-based video face-editing integration: it uploads videos and authenticates with an API token. Before installing: (1) verify where your NEMO_TOKEN comes from, and prefer an ephemeral/anonymous token or a limited-scope token over a long-lived secret; (2) ask the publisher (or provider) for a homepage, privacy policy, and data retention policy, since face-swap services handle sensitive material and may retain or share uploads; (3) clarify the metadata discrepancy: SKILL.md mentions ~/.config/nemovideo/ and install-path inspection, while the registry lists no config paths, so confirm whether the skill will read any local configuration or paths; (4) test with non-sensitive sample videos first to confirm behavior, and check that returned URLs use HTTPS and are hosted on the documented domain; (5) avoid uploading videos of other people without their consent. If the publisher or source cannot be verified, or you cannot confirm which local paths will be accessed, treat the skill cautiously.
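Guidance step (4) asks you to confirm that any download URL the skill returns uses HTTPS and points at the documented domain. The check below is an added example written for this review, not code from ClawHub or from the Ai Video Face skill. It assumes the documented domain is nemovideo.ai (taken from the endpoint mega-api-prod.nemovideo.ai cited in the report) and that any host under that domain is acceptable; adjust that if the publisher documents something narrower. Beyond the plain scheme and host test, it rejects two look-alikes a naive check passes: a host that merely begins with the documented name (mega-api-prod.nemovideo.ai.attacker.example) and a URL whose userinfo part impersonates the host (mega-api-prod.nemovideo.ai@attacker.example).

```python
from __future__ import annotations

from urllib.parse import urlsplit

# Assumed for this example: the documented domain is derived from the endpoint
# mega-api-prod.nemovideo.ai named in the scan report, and any host under it is
# treated as acceptable. This is not a value published by the skill's provider.
DOCUMENTED_DOMAIN = "nemovideo.ai"


def check_download_url(url: str, domain: str = DOCUMENTED_DOMAIN) -> list[str]:
    """Return a list of problems with a returned download URL; an empty list means it passes."""
    problems: list[str] = []
    parts = urlsplit(url.strip())

    # 1. Transport: anything but https would fetch the rendered video in the clear.
    if parts.scheme.lower() != "https":
        problems.append(f"scheme {parts.scheme or '(none)'!r} is not https")

    # 2. Userinfo: in 'https://good.host@evil.host/' the part before '@' is a
    #    username, so the real host is evil.host. Flag it instead of trusting it.
    if parts.username is not None or parts.password is not None:
        problems.append("URL embeds userinfo before the host")

    # 3. Host: the documented domain itself or a subdomain of it. A bare suffix
    #    test would accept 'evilnemovideo.ai', so the dot boundary is required.
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        problems.append("URL has no host")
    elif not (host == domain or host.endswith("." + domain)):
        problems.append(f"host {host!r} is not on the documented domain {domain!r}")

    # 4. Port: a non-default port on the right domain is unusual enough to ask about.
    try:
        port = parts.port
    except ValueError:
        port = None
        problems.append("port is not a valid number")
    if port not in (None, 443):
        problems.append(f"non-default port {port}")

    return problems


def is_trusted_download_url(url: str, domain: str = DOCUMENTED_DOMAIN) -> bool:
    """Convenience wrapper: True only when check_download_url finds nothing."""
    return not check_download_url(url, domain)


if __name__ == "__main__":
    # Constructed sample URLs for illustration, not values returned by the real service.
    for sample in [
        "https://mega-api-prod.nemovideo.ai/renders/abc123.mp4",
        "http://mega-api-prod.nemovideo.ai/renders/abc123.mp4",
        "https://mega-api-prod.nemovideo.ai.attacker.example/renders/abc123.mp4",
        "https://mega-api-prod.nemovideo.ai@attacker.example/renders/abc123.mp4",
        "https://evilnemovideo.ai/renders/abc123.mp4",
    ]:
        print(sample, "->", check_download_url(sample) or "ok")
```

Run the check on every URL the agent reports back before downloading or opening it; a URL with any problem should be shown to the user rather than fetched.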
Review Dimensions
- Purpose & Capability: note
- The skill claims to perform remote face editing and asks only for a single API token (NEMO_TOKEN) plus upload of the user's video files, which is coherent with the stated purpose. However, the SKILL.md frontmatter declares a configPaths entry (~/.config/nemovideo/) while the registry metadata lists no required config paths, an inconsistency worth clarifying. The service endpoint in the instructions (mega-api-prod.nemovideo.ai) is consistent with the NEMO_TOKEN requirement, but the skill lists no homepage or publisher provenance.
- Instruction Scope: note
- Runtime instructions are narrowly focused on: using NEMO_TOKEN (or obtaining an anonymous token), creating a session, uploading video files, streaming SSE edits, polling render status, and returning a download URL. These actions are within the expected scope. Two points to watch: (1) the instructions state that request headers are derived from the YAML frontmatter and that the agent should detect its install path (e.g. ~/.clawhub/, ~/.cursor/skills/), which implies inspecting the agent environment and local file system paths, slightly beyond plain API calls; (2) the SKILL.md references a local config path in its metadata (~/.config/nemovideo/), which could imply reading local configuration, but the registry did not declare that path as required.
- Install Mechanism: ok
- No install spec and no code files: the skill is instruction-only, so nothing is written to disk by an installer. This minimizes install-time supply-chain risk; what remains to trust is the runtime behavior the instructions describe.
- Credentials: note
- Only one environment variable is required (NEMO_TOKEN), which is appropriate for a remote API-backed video editing service. SKILL.md also provides a fallback that obtains an ephemeral anonymous token if none is present. The small concern is the frontmatter's configPaths entry (~/.config/nemovideo/), which suggests the skill might read a local configuration directory not declared in the registry metadata; clarify this before trusting the skill with other local data.
- Persistence & Privilege: ok
- The skill is not marked always:true and does not request elevated or cross-skill privileges. It acts via network calls using the provided token and does not appear to modify other skills or system-wide settings.
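Three of the dimensions above raise the same discrepancy: the SKILL.md frontmatter declares a configPaths entry (~/.config/nemovideo/) that the registry metadata does not list, and the instruction body tells the agent to look at install paths (~/.clawhub/, ~/.cursor/skills/) that appear in no declaration at all. The script below is an added example written for this review; it is not ClawHub scanner code and not part of the skill. It assumes a SKILL.md layout with a YAML frontmatter block holding flat `env` and `configPaths` lists (those field names and the shape of the registry record are assumptions; the real schema may differ) and uses a deliberately small flat parser instead of a YAML library so it runs on the standard library alone. The sample SKILL.md and registry record are constructed to reproduce the mismatch the report describes.

```python
import re

# Assumed field names for the declarations worth cross-checking between the
# SKILL.md frontmatter and the registry record. The real schema may use other keys.
DECLARATION_KEYS = ("env", "configPaths")

# Home-relative paths an instruction body might tell the agent to read.
PATH_RE = re.compile(r"(?:~|\$HOME)/[\w.\-/]+")


def parse_flat_yaml(lines):
    """Parse 'key: scalar' and 'key:' followed by '- item' lines; reject anything nested deeper."""
    data, current = {}, None
    for raw in lines:
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = re.match(r"^([A-Za-z_][\w-]*):\s*(.*)$", line)
        if m:
            key, value = m.groups()
            if value:
                data[key], current = value.strip().strip("'\""), None
            else:
                data[key], current = [], key
            continue
        m = re.match(r"^\s*-\s+(.*)$", line)
        if m and current is not None:
            data[current].append(m.group(1).strip().strip("'\""))
            continue
        raise ValueError(f"unsupported frontmatter line: {raw!r}")
    return data


def split_frontmatter(skill_md):
    """Return (frontmatter dict, body text); a file without frontmatter yields ({}, whole text)."""
    lines = skill_md.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}, skill_md
    for end in range(1, len(lines)):
        if lines[end].strip() == "---":
            return parse_flat_yaml(lines[1:end]), "\n".join(lines[end + 1:])
    return {}, skill_md


def _as_set(value):
    if value is None:
        return set()
    if isinstance(value, str):
        return {value}
    return set(value)


def compare_declarations(frontmatter, registry, keys=DECLARATION_KEYS):
    """List items that one side declares and the other omits, per declaration key."""
    findings = []
    for key in keys:
        declared, listed = _as_set(frontmatter.get(key)), _as_set(registry.get(key))
        findings += [f"{key}: {item!r} declared in SKILL.md but absent from registry metadata"
                     for item in sorted(declared - listed)]
        findings += [f"{key}: {item!r} listed in registry but not declared in SKILL.md"
                     for item in sorted(listed - declared)]
    return findings


def undeclared_body_paths(body, frontmatter):
    """Home-relative paths the instructions mention that configPaths does not declare."""
    def norm(path):
        return path.strip().rstrip("./")   # '~/.clawhub/' and '~/.clawhub' compare equal
    declared = {norm(p) for p in _as_set(frontmatter.get("configPaths"))}
    mentioned = {norm(m.group(0)) for m in PATH_RE.finditer(body)}
    return sorted(mentioned - declared)


def review_skill(skill_md, registry):
    """Run both consistency checks and return their findings."""
    frontmatter, body = split_frontmatter(skill_md)
    return {
        "declaration_mismatches": compare_declarations(frontmatter, registry),
        "undeclared_body_paths": undeclared_body_paths(body, frontmatter),
    }


# Constructed sample inputs that reproduce the discrepancy in the report above;
# they are not the real SKILL.md or the real registry record.
SAMPLE_SKILL_MD = """\
---
name: ai-video-face
version: 1.0.0
env:
  - NEMO_TOKEN
configPaths:
  - ~/.config/nemovideo/
---
# Ai Video Face

Use NEMO_TOKEN from the environment, or request an anonymous token if it is unset.
Detect the install path (for example ~/.clawhub/ or ~/.cursor/skills/) to derive request headers.
Upload the video to https://mega-api-prod.nemovideo.ai and poll the render status.
"""

SAMPLE_REGISTRY = {"env": ["NEMO_TOKEN"], "configPaths": []}

if __name__ == "__main__":
    for section, items in review_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY).items():
        print(section)
        for item in items:
            print("  -", item)
```

On the constructed sample this reports the configPaths entry missing from the registry and the two install paths the body references without declaring, which is exactly the set of questions guidance step (3) says to put to the publisher. The flat parser raises on nested YAML on purpose: a frontmatter shape it does not understand should be reviewed by hand, not silently treated as declaring nothing.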
