Skill v1.0.0
ClawScan security
Image To Video Honor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 21, 2026, 10:51 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (turn still images into short tribute videos) matches most of its runtime instructions, but there are a few unexplained or disproportionate behaviors (anonymous token issuance, filesystem path probing, unknown upstream service and no homepage) that warrant caution before installing.
- Guidance: This skill will upload your images to an external service (mega-api-prod.nemovideo.ai) to render videos. Before installing: (1) Consider privacy: do not upload sensitive images unless you trust the service and its retention policy. (2) The skill can create an anonymous token automatically if NEMO_TOKEN is not set; decide whether you prefer to supply and manage your own token. (3) The skill may probe common install paths and read local upload file paths to operate; ensure you are comfortable granting that file access. (4) There is no source/homepage listed; verify the upstream service (nemovideo) and its terms/privacy independently before use. If you proceed, prefer creating an explicit account/token via the vendor site (rather than relying on anonymous tokens), and monitor what files are uploaded.
Review Dimensions
- Purpose & Capability (ok): Name and description align with the actions described in SKILL.md: uploading images, creating jobs, polling renders, and returning MP4s. The single required credential (NEMO_TOKEN) is consistent with a cloud rendering backend.
- Instruction Scope (concern): Instructions include all API calls expected for a cloud render pipeline (auth, session create, SSE, upload, export). Concerns: (1) If NEMO_TOKEN is missing, the skill automatically requests an anonymous token on the user's behalf; this creates credentials without an explicit user action. (2) The doc says it will detect the install path (e.g., ~/.clawhub/, ~/.cursor/skills/) to set X-Skill-Platform, which implies probing host filesystem locations that were not declared in metadata. (3) The skill also references multipart uploads from local file paths ("@/path"); the agent will need access to whatever local temp path receives user uploads. These file/path actions expand the scope beyond pure network calls and should be considered by the user.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. This is low install risk.
- Credentials (note): Only NEMO_TOKEN is required (declared as primaryEnv), which fits the backend integration. However, the skill also documents a flow to obtain an anonymous NEMO_TOKEN automatically, meaning the declared env var is optional in practice. Metadata lists a configPath (~/.config/nemovideo/) that could hold tokens/config; if the agent reads or writes that path, it should be disclosed to the user.
- Persistence & Privilege (note): The always flag is false and the skill does not request system-wide persistence. The main privilege concern is network upload of user images to an external API and the skill's implied ability to read certain local paths to detect the platform or read upload files; these are expected for this use case but should be explicit and consented to.
