Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Vheer

v1.0.0

Tell me what you need and vheer will dig into your video to find exactly that. Vheer is a smart video analysis skill that watches, interprets, and surfaces m...

0 · 31 · 0 current · 0 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (video intelligence) align with the declared requirement: a single API credential (NEMO_TOKEN) and a config path under ~/.config/nemovideo/. Requiring a NemoVideo token and using an API domain for uploads/analysis is expected for this purpose.
Instruction Scope
The SKILL.md instructs the agent to read/create ~/.config/nemovideo/client_id and to POST for anonymous tokens (reasonable), to upload arbitrary video files to the remote API (expected), and to detect install paths (~/.clawhub, ~/.cursor/skills) to populate an X-Skill-Platform header (this requires filesystem checks outside the skill's own folder). It also instructs creating a user-facing claim URL that embeds the token as a query parameter (https://nemovideo.com/workspace/claim?token=$TOKEN&...), which risks leaking the token if the link is shared or logged. The doc says 'Don't print tokens' but also builds links containing them — this inconsistency is a notable risk.
Install Mechanism
There is no install spec and no code files (instruction-only). That means nothing is downloaded or written by an installer beyond what the agent itself does at runtime (e.g., creating ~/.config/nemovideo/client_id). This lowers install-time risk, but runtime behavior still matters.
Credentials
Only one environment variable is required (NEMO_TOKEN) and the declared config path (~/.config/nemovideo/) matches the skill's behavior. This is proportionate to a remote video-analysis service. Caveat: the skill's workflow encourages generating and using an anonymous token, which it may embed in a claim URL — exposing that credential undermines the proportionality.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It will create/read a client_id file under ~/.config/nemovideo/ (its own config area) and save session_id values for operations — these are reasonable for session handling. The concern is that session links include the token in the URL (persistence/propagation of a credential outside the local agent).
What to consider before installing
What to consider before installing/using Vheer:

- The skill is consistent with a cloud video-analysis service and only asks for one credential (NEMO_TOKEN). That part is expected.
- It will create or read ~/.config/nemovideo/client_id and use the NemoVideo API to upload and analyze videos. If you plan to analyze sensitive or confidential footage, understand NemoVideo's privacy, retention, and access policies before uploading.
- The runtime instructions build a workspace 'claim' URL that embeds your token as a query parameter. Even though the skill says not to print tokens, embedding a token in a URL can leak it via logs, browser history, or shared links. Prefer to set NEMO_TOKEN yourself (in the environment) rather than allowing the skill to create/use an anonymous token you might later share.
- The skill detects install/platform paths (e.g., ~/.clawhub, ~/.cursor/skills). This requires checking common directories on the host; if you are uncomfortable with that, avoid installing or review how your agent exposes filesystem checks.
- Mitigations: if you proceed, pre-create a limited-scope NEMO_TOKEN (or use the anonymous token but treat any claim link as sensitive), never share claim links, and remove or rotate tokens after use. Review network traffic and API endpoints if you need stronger assurance.

Confidence is medium because the skill is coherent for its stated purpose, but the token-in-URL behavior and filesystem checks are notable risks that should be addressed or acknowledged by the publisher before trusting with sensitive data.


latestvk97a2y0p459f455g4zhmq4bjg183z9tw

Runtime requirements

Clawdis
Env: NEMO_TOKEN
Primary env: NEMO_TOKEN