Skill v1.0.0

ClawScan security

Video Low Vram · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 6:46 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's functionality (remote video processing) is coherent, but there are metadata inconsistencies and runtime instructions that ask the agent to probe the filesystem and issue tokens/uploads to an external service — things you should review before installing.
Guidance
This skill appears to do what it says (remote video processing) but has a few things to check before you install or use it:
1) Source and provenance: there is no homepage or known owner — prefer skills backed by a known project or vendor.
2) Tokens and storage: the skill will accept or generate a NEMO_TOKEN and persist session IDs; confirm where the agent stores these and that you are comfortable granting them to the nemo API.
3) Filesystem probing: the instructions ask the agent to derive a header by inspecting install paths (~/.clawhub, ~/.cursor/skills/) and reference a config path in the SKILL.md frontmatter — ask the author why filesystem access is needed and ensure the agent will ask you before reading any paths beyond the video files you explicitly upload.
4) Uploads to external API: videos will be sent to https://mega-api-prod.nemovideo.ai; do not upload sensitive material unless you trust that service.
5) Metadata mismatch: the registry shows no required config paths but the SKILL.md does — request clarification.
If you proceed, test with non-sensitive sample videos first and require explicit user confirmation before any file reads or uploads.

Review Dimensions

Purpose & Capability
note: The declared purpose (remote low‑VRAM video processing) matches the runtime actions (create session, upload video, render, download). However the SKILL.md frontmatter includes a required config path (~/.config/nemovideo/) that is not reflected in the registry metadata, and the runtime requires constructing X-Skill-Platform by inspecting install paths (~/.clawhub, ~/.cursor/skills/). Those inconsistencies are unexpected and worth verifying with the author.
Instruction Scope
concern: The instructions direct the agent to: (a) generate an anonymous token via POST and use it as NEMO_TOKEN, (b) create and persist session_id, (c) upload files via multipart using local file paths (files=@/path), and (d) derive attribution headers by reading this file's YAML frontmatter and probing install paths. Probing filesystem paths to compute headers and uploading local files are normal for a video upload skill, but the document does not require explicit user confirmation before reading arbitrary local paths and does not clearly limit which files may be uploaded — this increases the risk of accidental disclosure of unrelated files.
Install Mechanism
ok: Instruction-only skill (no install spec, no code files). This is low risk from an install perspective because nothing is being written to disk by an installer.
Credentials
note: The only declared credential is NEMO_TOKEN (primaryEnv), which is appropriate for a third‑party API. The SKILL.md also describes creating and storing an anonymous token if none exists. The mismatch between registry metadata (no config paths) and SKILL.md frontmatter (configPaths: ~/.config/nemovideo/) is a proportionality/consistency concern to clarify. The skill also requires custom headers (X-Skill-Source/Version/Platform); these are non‑secret, but the Platform header requires filesystem inspection.
Persistence & Privilege
ok: always:false and normal agent invocation. The skill asks the agent to save session_id and reuse tokens, which is expected for session-based APIs. It does not request global or persistent privileges beyond its own session state.