Skill v1.0.0
ClawScan security
Wechat Video Online · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 19, 2026, 11:53 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (online WeChat-friendly video editing) broadly matches its runtime instructions, but there are inconsistencies around declared config paths, how/where session tokens get stored, and automatic network/auth flows that warrant caution.
- Guidance: This skill appears to do what it says (upload your video to a remote service and return an edited MP4), but it will contact https://mega-api-prod.nemovideo.ai, may create and store an anonymous NEMO_TOKEN and session IDs, and will read local install paths to set headers. Before installing or using it: (1) confirm you trust nemovideo.ai and are comfortable uploading videos (they will leave your machine); (2) prefer supplying your own NEMO_TOKEN rather than letting the skill auto-generate/store one; (3) ask the author or registry for clarity on where tokens/session IDs are stored and how long they persist; (4) note the registry metadata/frontmatter mismatch (~/.config/nemovideo/ listed in SKILL.md but not in registry) and verify whether the skill will create or read that directory; and (5) because the skill owner and homepage are unknown, exercise extra caution with sensitive or private video content.
Review Dimensions
- Purpose & Capability (note): Name and description match the actions described in SKILL.md: remote GPU rendering, uploads, exports. Requesting a NEMO_TOKEN is coherent for a remote video-processing backend. However, the SKILL.md frontmatter also lists a config path (~/.config/nemovideo/) while the registry metadata reported no required config paths; this inconsistency should be clarified.
- Instruction Scope (concern): The instructions direct the agent to automatically obtain an anonymous token (POST to https://mega-api-prod.nemovideo.ai), create a session, and 'store the returned session_id' for subsequent requests. They also direct it to detect install paths (e.g., ~/.clawhub, ~/.cursor/skills) to set attribution headers. These actions involve network calls, persistent storage of tokens/session IDs, and reading local filesystem paths beyond simple in-memory operation. The SKILL.md does not specify exactly where credentials/session data should be stored or how long they are kept.
- Install Mechanism (ok): No install spec or code files (instruction-only skill), so there is no package download or archive extraction. This minimizes installation-time risk.
- Credentials (concern): Only NEMO_TOKEN is declared as required, which is reasonable for a cloud service. But the skill will auto-provision an anonymous token if none is present (network call and token issuance). The SKILL.md frontmatter mentions a config path (~/.config/nemovideo/) that is not listed in the registry metadata; this mismatch is unexplained. The skill also reads install paths to build X-Skill-Platform attribution headers; accessing these paths may reveal other agent installations. Overall, the requested environment/credential access is plausible, but the persistence and undeclared config path are disproportionate without further detail.
- Persistence & Privilege (note): always is false (normal) and autonomous invocation is allowed (platform default). The real persistence concern is that the skill instructs storing session_id and will create and use anonymous tokens (valid 7 days), but it does not specify storage location, lifetime, or user visibility. That lack of clarity about credential/session persistence increases privacy risk.
