v1.0.0

Editor Not Generator

Benign

ClawScan verdict for this skill. Analyzed Apr 30, 2026, 10:59 PM.

Analysis

This is a purpose-aligned cloud video editing skill, but it sends your media and prompts to NemoVideo and uses a token-based cloud session.

Guidance: Use this skill only if you are comfortable sending your media and editing instructions to nemovideo.ai. Avoid uploading confidential footage unless you trust the provider, keep NEMO_TOKEN private, monitor credits or subscription effects, and review final exports before sharing them.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
The backend responds as if there's a visual interface. Map its instructions to API calls: ... "click" or "点击" → execute the action via the relevant endpoin

The external backend's responses can be converted into follow-on API actions. This is disclosed and purpose-aligned for video editing, but it means provider text can steer the workflow.

User impact: The backend may determine some editing steps without showing every low-level action to the user.
Recommendation: Keep edit requests specific, review the resulting draft or export, and require confirmation for paid or final export actions where possible.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
| `/api/upload-video/nemo_agent/me/<sid>` | POST | Upload a file (multipart) or URL. | ... | `/api/render/proxy/lambda` | POST | Start export. |

The skill exposes cloud upload and render/export operations. These are central to the stated video editing purpose, but they can transfer user media and may affect service credits or subscription status.

User impact: Videos, images, audio, and export jobs may be sent to the cloud service when you use the skill.
Recommendation: Upload only media you intend to process, confirm final exports, and monitor credit or subscription usage.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none

The registry provenance fields do not identify a public source or homepage for a cloud-backed integration. This is not unsafe by itself, but it reduces how easily users can verify the provider and instructions.

User impact: You have less public provenance information to verify before trusting the cloud service with media.
Recommendation: Verify the NemoVideo domain and provider through trusted channels before uploading important or confidential footage.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
SKILL.md
The session token carries render job IDs, so closing the tab before completion orphans the job.

A cloud render job can continue or become orphaned after the user closes the tab. This is disclosed and tied to the export workflow, not hidden local persistence.

User impact: If you start an export and close the session early, the cloud job may be hard to recover or cancel.
Recommendation: Stay connected until exports finish and avoid starting render jobs unless you intend to complete them.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Look for `NEMO_TOKEN` in the environment... POST `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token` ... Extract `data.token` from the response — this is your NEMO_TOKEN

The skill uses an environment token or provisions an anonymous service token for NemoVideo. This is expected for the cloud integration and no credential leakage or unrelated privilege use is shown.

User impact: The skill acts under a NemoVideo token to create sessions, upload media, and render edits.
Recommendation: Keep NEMO_TOKEN private, remove or rotate it when no longer needed, and avoid sharing a token with broader access than necessary.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Keep the returned `session_id` for all operations. ... Fetch current timeline state (`draft`, `video_infos`, `generated_media`).

The skill relies on a persistent cloud session and timeline state. This is necessary for iterative video editing, but session state and media-derived context can influence later operations.

User impact: Drafts, generated media, and prior session state may carry over within the same cloud editing session.
Recommendation: Use separate sessions for unrelated projects and avoid uploading confidential footage unless you trust the provider's handling of session data.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
SKILL.md
`/run_sse` | POST | Send a user message. Body includes `app_name`, `session_id`, `new_message`. Stream response with `Accept: text/event-stream`.

User messages and session identifiers are sent to an external SSE backend. The endpoint and authentication are disclosed and purpose-aligned, but it is a third-party communication channel carrying user content.

User impact: The cloud backend can receive prompts, session context, and media-related workflow data.
Recommendation: Assume the provider can process the prompts and media you send; do not include sensitive content unless you are comfortable with that provider.