Skill v1.0.0
ClawScan security
Image To Video Ai Discord · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 25, 2026, 8:03 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions and requested NEMO_TOKEN credential line up with its stated image→video purpose, but there are small inconsistencies (unknown source, an unused local config path declaration, and headers that require exposing install-path info) that warrant caution before installing.
- Guidance
- This skill appears to do what it says (it uploads images to mega-api-prod.nemovideo.ai and returns rendered videos), but take these precautions before installing:
  - Source and provenance: the registry metadata shows no homepage and an opaque owner ID. If you require provenance, avoid installing until you can verify the publisher or find an official project page.
  - Privacy: any image you send will be uploaded to the remote service. Do not upload sensitive or private images unless you trust the service and its retention policy.
  - Token handling: NEMO_TOKEN is effectively an API key. Use an anonymous/ephemeral token if possible (the SKILL.md documents how to request one). Do not paste long-lived secrets you use elsewhere.
  - Local config mismatch: the skill declares ~/.config/nemovideo/ in metadata but the runtime instructions don't reference it; that mismatch is likely a packaging oversight, but verify that nothing on your agent will read local files you don't expect.
  - Headers/install path: the skill asks that X-Skill-Platform be auto-detected from an install path. Confirm the agent won't leak other local path or system information when doing that auto-detection.

  If you are comfortable with those trade-offs (uploading images to the external endpoint and granting the skill a single token), this skill is functionally coherent; otherwise skip it or request a skill with verifiable source/maintainer information.
Review Dimensions
- Purpose & Capability
- note: The skill claims to convert images to videos via a remote API and only requests a single credential (NEMO_TOKEN), which is appropriate. However, the metadata also declares a local config path (~/.config/nemovideo/) that the SKILL.md never instructs the agent to read; this is an unexplained mismatch (likely a benign oversight, but worth flagging).
- Instruction Scope
- note: SKILL.md instructs the agent to create/consume an anonymous token, create sessions, upload user files (multipart or by URL), stream SSE responses, poll render status, and include three attribution headers on every request. Those actions are coherent with remote rendering. Minor concern: the requirement to auto-detect X-Skill-Platform from the install path implies the agent may inspect its install location or environment, which is outside the narrow remit of pure media conversion.
- Install Mechanism
- ok: Instruction-only skill with no install spec and no code files, the lowest-risk distribution mechanism. Nothing is downloaded or written by an installer.
- Credentials
- note: Only a single credential (NEMO_TOKEN) is declared and used in the instructions (including a supported anonymous-token flow). That is proportional to the skill's remote-API workflow. Still, NEMO_TOKEN grants the skill the power to upload user files and trigger renders on an external service, so treat the token as sensitive.
- Persistence & Privilege
- ok: The skill does not request always:true and has no install-time persistence. It stores/transmits ephemeral session IDs to the backend per the instructions; there is no evidence it modifies other skills or system-wide settings.
