ClawHub

Vheer Ai Image To Video

v1.0.0

Tell me what you need and I'll bring your still images to life using vheer-ai-image-to-video. Whether you have a single photo or a collection of visuals, thi...

0· 42·0 current·0 all-time
by@vcarolxhberger
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the requirements: the skill needs a single API token (NEMO_TOKEN) and its documented endpoints and actions (session creation, SSE, upload, render/export) align with an image-to-video backend.
Instruction Scope
Instructions are scoped to the service API and user-supplied files. They also instruct the agent to: (a) create an anonymous token if NEMO_TOKEN is missing by POSTing to the service; (b) read the SKILL.md frontmatter and detect an install path to populate X-Skill-* headers. That install-path detection can reveal local install-location information in requests (privacy consideration) but is coherent with the skill's stated requirement to send attribution headers.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. Nothing is downloaded or written to disk by the skill itself.
Credentials
Only NEMO_TOKEN is required (primary credential). The token is appropriate for the declared backend. The skill documents an anonymous-token fallback if no token is present; no unrelated credentials or secrets are requested.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. Default autonomous invocation is allowed (normal), and the skill does not claim to modify other skills or global agent configuration.
Assessment
This skill appears to be what it says: it uploads your images to the vheer/nemo cloud service and returns generated video. Before installing/using it, consider: (1) Privacy: images (and any embedded metadata) are sent to https://mega-api-prod.nemovideo.ai — do not upload sensitive or confidential images unless you trust the service and its retention policy. (2) Token handling: the skill will use NEMO_TOKEN if present, otherwise it will obtain an anonymous token; use a limited-scope or throwaway token if you are concerned. (3) Metadata leakage: the skill will include X-Skill-Source/X-Skill-Version and may detect and send an X-Skill-Platform value derived from local install paths (this can reveal local path patterns). (4) No local install or code was provided for review (instruction-only), so there is no embedded code to audit — the scanner had nothing to analyze; network behavior is the main risk. If you need stronger assurance, ask the publisher for a privacy policy, data retention rules, and to confirm what the NEMO_TOKEN scopes/permissions are, or test with non-sensitive sample images and a disposable token first.

Like a lobster shell, security has layers — review code before you run it.

latestvk971qr0w3vege3x7kanmg3sw1n840b3d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎬 Clawdis
EnvNEMO_TOKEN
Primary envNEMO_TOKEN

Comments