Skill v1.0.0
ClawScan security
Remover From Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 12:20 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (uploading videos to a third-party cloud API and auto-generating tokens) is coherent with its stated purpose, but there are provenance and metadata inconsistencies and a few instructions that request access beyond a minimal, clearly-justified surface.
- Guidance: This skill will send your video files to a third-party cloud service (mega-api-prod.nemovideo.ai) for processing and will programmatically obtain or use a NEMO_TOKEN. Before installing or using it:
  1. Confirm you trust the endpoint and check its privacy/terms (there is no homepage or publisher info provided).
  2. Do not upload sensitive or private footage unless you accept that it will be transmitted to and stored/processed by that service.
  3. Ask the publisher why the SKILL.md frontmatter lists a config path and why the skill needs to probe local install paths; this reads local filesystem metadata and is not strictly necessary for video processing.
  4. Prefer providing your own NEMO_TOKEN only if you trust the service; anonymous token creation is supported but still contacts the remote API.
  5. If privacy is critical, consider local alternatives (ffmpeg + local inpainting models) instead of a cloud upload.
  If you want a firmer judgement, provide the skill publisher, a homepage/privacy policy, or network traces of the exact HTTP calls the agent will make.
Review Dimensions
- Purpose & Capability (note): The skill name/description (cloud-based object removal) matches the network endpoints and flows in SKILL.md (session creation, upload, render, export). Requesting a single service token (NEMO_TOKEN) is expected. However, the SKILL.md frontmatter includes a configPaths entry (~/.config/nemovideo/) while the registry metadata lists no required config paths; this mismatch is an inconsistency in declared requirements. The SKILL.md also instructs deriving an X-Skill-Platform value by probing install paths in the user home, which suggests filesystem inspection that isn't justified by the stated capability.
- Instruction Scope (concern): The runtime instructions will cause the agent to: contact https://mega-api-prod.nemovideo.ai, exchange/obtain an anonymous token, create sessions, upload user video files (multipart file uploads or URLs), stream SSE, and poll for rendered output. Uploading user video content to an external service is intrinsic to the skill, but the instructions also ask the agent to detect install paths (~/.clawhub/, ~/.cursor/skills/) to set headers, which implies reading local filesystem paths. The doc emphasizes not to 'expose tokens' but also instructs extracting and using tokens programmatically. There are no instructions that read unrelated system files, but the platform-detection and mismatched configPaths raise scope creep concerns.
- Install Mechanism (ok): This is instruction-only with no install spec and no code files; nothing new is written to disk by an installer. That reduces supply-chain risk compared with arbitrary downloads.
- Credentials (note): Only one environment variable is declared (NEMO_TOKEN / primaryEnv), which is proportionate for a cloud API skill. But SKILL.md describes obtaining an anonymous token automatically if NEMO_TOKEN is absent, and the frontmatter references a config path (~/.config/nemovideo/) that is not declared in the registry metadata, which is an inconsistency. The skill does not request other unrelated credentials, which is good.
- Persistence & Privilege (ok): always:false and no install hooks are present. The skill does not request permanent platform presence or permissions to modify other skills or global config. Session state (session_id) is expected to be kept only for in-session operations as described.
