Skill v1.0.0
ClawScan security
Ai Maker Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 19, 2026, 3:26 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly behaves like a cloud video-generator and only needs a single API token, but there are metadata inconsistencies and token-handling details (anonymous-token issuance, implied config-path access and required attribution headers) that deserve review before installing.
- Guidance: This skill appears to be a straightforward cloud video-generator and only needs an API token, but take these precautions before installing:
  1. Verify the backend domain (mega-api-prod.nemovideo.ai) and the publisher; there is no homepage or source listed.
  2. Ask the skill author to clarify the config-path discrepancy: does the skill read/write ~/.config/nemovideo/? If so, where and for what data?
  3. Confirm how anonymous tokens are stored/used: are they kept only in memory, or written to disk/env vars where other processes could read them?
  4. Be careful uploading sensitive media (commercial secrets, personal data).
  5. If you need higher assurance, request source code or an API docs link and test the anonymous-token endpoint separately (inspect its responses) before giving the skill long-term credentials.
  These checks reduce the risk of accidental token exposure or unexpected filesystem access.
Review Dimensions
- Purpose & Capability
- Note: The name and description (AI video generator) align with the runtime instructions and the single required credential NEMO_TOKEN, which is expected. However, the skill frontmatter references a config path (~/.config/nemovideo/) while the registry metadata says no required config paths, an internal inconsistency that should be clarified (is the skill expected to read/write that directory?).
- Instruction Scope
- Note: Instructions are focused on connecting to a remote rendering API, uploading user media, creating a session, and polling for exports. They explicitly read NEMO_TOKEN and, if absent, call an anonymous-token endpoint to obtain one. The instructions do not ask for unrelated system files or additional environment variables, but they do require the agent to auto-detect an install path for the X-Skill-Platform header, which implies access to agent runtime metadata. This scope is reasonable for the described purpose, but the anonymous-token flow and implied filesystem access are areas to verify.
- Install Mechanism
- OK: This is an instruction-only skill with no install spec and no code files, the lowest install risk. Nothing is written to disk by an installer in the package itself.
- Credentials
- Note: Only a single credential (NEMO_TOKEN) is declared as required, which is proportionate for a cloud API. Caveats: the skill offers to obtain an anonymous token if none exists (server-issued token valid 7 days); check where that token will be stored or whether it remains only in memory. Also, the frontmatter's config path (~/.config/nemovideo/) suggests the skill may read from or write to a user config directory; that should be confirmed, since access to arbitrary config directories can expose other secrets if mis-specified.
- Persistence & Privilege
- OK: The skill is not force-installed (always:false), is user-invocable, and doesn't request system-wide persistence or modifications to other skills. Autonomous invocation is allowed (platform default) but not combined with other high-risk behaviors here.
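Guidance item 3 and the Credentials note both ask the same question: after the skill runs, where does the anonymous or user-supplied token actually end up? One way to answer it without trusting the skill's description is to run the skill once inside a throwaway HOME with a canary token and then scan that tree, plus a snapshot of the resulting environment, for the canary. The script below is an added example written for this page; it is not code from the skill, from ClawHub or from nemovideo. The directory layout, file names and environment snapshot it builds are constructed to stand in for a post-run sandbox, and the ~/.config/nemovideo/ location is taken from the skill's own frontmatter reference.

```python
import json
import stat
import tempfile
from pathlib import Path

# Constructed canary: obviously not a real NEMO_TOKEN. Seed the sandboxed run
# with it (NEMO_TOKEN=<canary>) so any copy found afterwards is unambiguous.
CANARY = "CANARY-nemo-0123456789abcdef"


def find_token_leaks(sandbox_home, canary, env=None):
    """Scan a sandboxed HOME tree and an environment snapshot for a canary token.

    Returns one finding per hit: the file path (relative to the sandbox) or the
    variable name, and for files whether the mode grants read access to 'other'.
    Symlinks are skipped so a planted link cannot steer the scan outside the sandbox.
    """
    root = Path(sandbox_home)
    needle = canary.encode()
    findings = []
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        try:
            data = path.read_bytes()
        except OSError:
            continue
        if needle in data:
            mode = path.stat().st_mode
            findings.append({
                "kind": "file",
                "where": path.relative_to(root).as_posix(),
                "world_readable": bool(mode & stat.S_IROTH),
            })
    for name, value in sorted((env or {}).items()):
        if canary in value:
            findings.append({"kind": "env", "where": name, "world_readable": False})
    return findings


def build_demo_sandbox(home):
    """Constructed post-run state: what a careless skill might leave behind."""
    home = Path(home)
    cfg = home / ".config" / "nemovideo"          # path named in the skill frontmatter
    cfg.mkdir(parents=True)
    creds = cfg / "credentials.json"
    creds.write_text(json.dumps({"token": CANARY, "ttl_days": 7}) + "\n")
    creds.chmod(0o644)                            # readable by every local account
    rc = home / ".bashrc"
    rc.write_text(f"export NEMO_TOKEN={CANARY}\n")  # persisted into the shell env
    rc.chmod(0o600)
    (home / "Videos").mkdir()
    (home / "Videos" / "out.mp4").write_bytes(b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 64)


def demo():
    """Run the scan against the constructed sandbox and return the findings."""
    with tempfile.TemporaryDirectory() as home:
        build_demo_sandbox(home)
        env_after_run = {"PATH": "/usr/bin:/bin", "NEMO_TOKEN": CANARY}  # constructed snapshot
        return find_token_leaks(home, CANARY, env_after_run)


if __name__ == "__main__":
    for f in demo():
        flag = " (world-readable)" if f["world_readable"] else ""
        print(f"{f['kind']}: {f['where']}{flag}")
```

Any file hit means the token was written to disk rather than held in memory; a world-readable hit is the exposure the guidance warns about, since other local accounts can read it. For the real check, run the skill inside a throwaway HOME, capture `env` after the run, and pass that directory and snapshot to find_token_leaks in place of the constructed sandbox.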
