Skill v1.0.0

ClawScan security

Editor Apk · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 18, 2026, 2:59 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior (uploading videos to a third‑party API and requiring an API token) is coherent with a cloud video editor, but there are provenance and metadata inconsistencies plus some vague instructions that raise privacy and scope questions you should understand before installing.
Guidance
This skill behaves like a cloud video editor: it will upload your videos to https://mega-api-prod.nemovideo.ai and needs an API token (NEMO_TOKEN). Before installing, confirm: 1) who runs that backend (no homepage or publisher info is provided), 2) how uploaded videos and tokens are stored or deleted (retention and privacy), 3) whether the NEMO_TOKEN you’d provide is scoped only to this service (do not reuse sensitive tokens), and 4) why the frontmatter references a config path (~/.config/nemovideo/) that isn’t declared elsewhere. If you need stricter privacy, avoid uploading private media to an unknown third party or ask the publisher for documentation/terms of service and token scope. Given the provenance gaps and metadata inconsistencies, proceed only if you trust the backend operator and have clarified the above points.

Review Dimensions

Purpose & Capability
note: The skill claims to edit videos in the cloud and requires a NEMO_TOKEN for API authorization — that matches the described cloud rendering workflow. However, the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata showed no required config paths; this inconsistency in declared requirements is unexplained. The skill has no install steps and no native binaries, which is proportionate for an API-backed editor.
Instruction Scope
concern: Runtime instructions send user media and session data to a third‑party API (mega-api-prod.nemovideo.ai), create sessions, use SSE, and require specific attribution headers. These actions are expected for a cloud editor, but the SKILL.md also instructs the agent to auto-detect 'install path' to set X-Skill-Platform (which implies reading environment/install paths) and to 'keep technical details out of the chat' (which hides operational transparency). The skill will upload user-provided video files to an external service — a significant privacy/action implication that is not qualified (no retention/deletion policy or privacy notice).
Install Mechanism
ok: No install spec and no code files are present (instruction-only). This minimizes disk persistence and is low risk from an installation standpoint.
Credentials
note: The only required environment credential is NEMO_TOKEN (declared as primary), which is proportionate for an API service. The SKILL.md also documents how to obtain an anonymous token if none is present. The frontmatter’s reference to a config path (~/.config/nemovideo/) is not reflected in the registry metadata and is not used elsewhere in the instructions — this mismatch is unexplained and worth clarifying. Also, uploading user videos (which may be sensitive) to the external API is expected but significant; confirm what the token authorizes and whether that token or uploaded data are used across other accounts/services.
Persistence & Privilege
ok: 'always' is false and there is no install step that persists code or modifies other skills. The skill can be invoked autonomously by default (platform normal), which increases blast radius if malicious, but there is no evidence here that it requests exceptional platform privileges.