Skill v1.0.0
ClawScan security
Video Cartoon Maker Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 21, 2026, 6:53 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's runtime instructions broadly match a cloud video-processing service, but there are internal inconsistencies (metadata vs. registry) and a few instructions that would cause the agent to read local paths or persist tokens which are not fully justified — proceed only after clarifying these points.
- Guidance: What to consider before installing:
  - This skill will send any uploaded videos to https://mega-api-prod.nemovideo.ai; only upload content you’re comfortable sending to an external service.
  - It requires a NEMO_TOKEN (or will obtain an anonymous token for you). If you have concerns, use a throwaway/limited token rather than a sensitive account token.
  - The SKILL.md asks the agent to detect install paths (e.g., ~/.clawhub/, ~/.cursor/skills/) and references ~/.config/nemovideo/ in the skill metadata — confirm with the publisher whether the skill will read local filesystem paths and whether it will write tokens or session IDs to disk. If you don’t want local file access, ask the author to remove platform-detection and clarify persistence behavior.
  - There is no homepage or publisher information in the registry entry; verify the operator of mega-api-prod.nemovideo.ai and review their privacy/storage policy before use.
  - If you cannot verify the service operator or are uncomfortable with filesystem access or sending videos to that domain, do not enable the skill or provide long-lived credentials.
Review Dimensions
- Purpose & Capability (concern): The skill's stated purpose (convert videos to a cartoon style) aligns with using a remote API and requiring an API token (NEMO_TOKEN). However the SKILL.md includes metadata that references a local config path (~/.config/nemovideo/) while the registry metadata lists no required config paths — this mismatch is unexplained. Also there is no homepage or known publisher site, making provenance harder to verify.
- Instruction Scope (concern): Instructions direct the agent to: (1) create an anonymous token if none is present, (2) save a session_id, (3) upload files via multipart (examples use local file paths like '/path'), and (4) detect installation platform by checking paths like ~/.clawhub/ or ~/.cursor/skills/. The platform-detection step implies reading the user's file system (install path detection) which is outside the core task and is not justified. The doc also says to 'save session_id' but doesn't specify where or how (in-memory vs persistent storage).
- Install Mechanism (ok): There is no install specification and no code files — the skill is instruction-only, so nothing is written to disk by an installer. This is the lowest-risk install model.
- Credentials (note): The skill declares a single primary credential (NEMO_TOKEN), which is appropriate for a hosted video-processing API. The SKILL.md also refers to a config path in its metadata (~/.config/nemovideo/), which was not declared in registry metadata — this inconsistency could mean the skill expects local config files or stored tokens. No other unrelated secrets are requested.
- Persistence & Privilege (ok): The skill is not marked always:true and uses normal autonomous invocation defaults. It asks the agent to obtain and retain a session_id for job tracking, which is reasonable for this use case, but it is unclear whether the token or session_id should be persisted to disk — the instructions do not explicitly request permanent system-level privileges.
