Skill v1.0.0
ClawScan security
Caption Generator From Photo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 8:45 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are consistent with a cloud-based caption/video rendering service: it needs a single service token and the SKILL.md only instructs calls to that backend and upload of user images.
- Guidance: This skill looks coherent for a cloud caption/video rendering integration and only needs a NEMO_TOKEN (or it will obtain a short-lived anonymous token from the listed domain). Before installing or using it, consider: 1) Confirm you trust https://mega-api-prod.nemovideo.ai and review their privacy/retention policy for uploaded images (you are uploading media to a third party). 2) Prefer providing a scoped service token rather than a long-lived credential. 3) Ask the implementer whether the agent will read local install paths to produce the X-Skill-Platform header — if so, request they limit file reads to the minimum required. 4) Note the small metadata mismatch (configPaths present in SKILL.md but not in registry metadata); ask the publisher to clarify. If any of these are unresolved, treat the skill as higher risk.
Review Dimensions
- Purpose & Capability (ok): Name/description (generate captions and overlay on photos to produce short videos) align with the declared primary credential (NEMO_TOKEN) and the SKILL.md endpoints (nemovideo API). One minor inconsistency: the registry metadata reported no required config paths, but the SKILL.md frontmatter mentions ~/.config/nemovideo/ in metadata; this is likely a documentation mismatch but worth noting.
- Instruction Scope (ok): Instructions stay within the stated purpose: establish a session with the nemovideo API, upload user-provided media, stream render events, and poll for exports. The SKILL.md does not instruct reading arbitrary local files or unrelated environment variables. A small note: the doc says X-Skill-Platform is 'detected from the install path' (examples like ~/.clawhub/ or ~/.cursor/skills/); it's not explicit whether the agent must read those paths to build the header — if implemented, that could require reading the agent's install location, so confirm implementation does not attempt to read unrelated user files.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — lowest-risk delivery mechanism. Nothing is downloaded or written to disk by the skill spec itself.
- Credentials (ok): Only one credential is requested (NEMO_TOKEN) and it's clearly used for authorization to the described backend. The SKILL.md documents a fallback anonymous-token call when NEMO_TOKEN is absent, which is consistent with the service. The earlier mismatch about configPaths appearing in frontmatter but not in registry metadata is noted but does not by itself indicate extraneous credential requests.
- Persistence & Privilege (ok): No always:true, no persistent installs or modifications to other skills. The skill manages short-lived sessions with the remote renderer; that behavior is expected for this functionality.
