Skill v1.0.0
ClawScan security
Video Editing By Ai Online · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 21, 2026, 9:17 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's declared purpose (cloud video editing) mostly matches its instructions, but there are inconsistencies and a few surprising instructions (local config path access, install-path detection, and a frontmatter configPaths claim that doesn't match registry), so proceed with caution.
- Guidance
- This skill appears to implement a cloud video-editing workflow and needs a NEMO_TOKEN to call the nemovideo API — that part is coherent. Things to check before installing: (1) ask the publisher why the SKILL.md frontmatter lists ~/.config/nemovideo/ as a required config path when the registry says none; understand exactly what files will be read. (2) Confirm you trust the endpoint host (mega-api-prod.nemovideo.ai) before uploading private videos. (3) Prefer using a dedicated/limited token or anonymous token for testing; do not reuse highly privileged credentials. (4) If you’re uncomfortable with the skill reading local install paths or config files, request a version that avoids filesystem access or asks for explicit permission first. If the publisher cannot explain the configPath discrepancy, treat this as an additional risk.
Review Dimensions
- Purpose & Capability
- note: Name/description (AI cloud video editing) align with the runtime endpoints and actions (upload, export, render). Requesting a single API token (NEMO_TOKEN) is expected. However, the SKILL.md frontmatter also lists a configPaths requirement (~/.config/nemovideo/) that is not reflected in the registry metadata — an inconsistency that needs explanation.
- Instruction Scope
- note: Instructions are concrete and focused on interacting with the nemovideo cloud API (session creation, SSE chat, upload, export, polling). They also instruct the agent to: generate an anonymous token if no NEMO_TOKEN is present, read the skill's YAML frontmatter for attribution, and detect the installation path (~/.clawhub, ~/.cursor/skills) to set X-Skill-Platform. Those filesystem checks are not necessarily malicious but broaden scope beyond pure network calls and may cause the agent to inspect local paths.
- Install Mechanism
- ok: Instruction-only skill with no install spec or code files; nothing is written to disk by an installer. This is the lowest-risk install mechanism.
- Credentials
- concern: The declared primaryEnv NEMO_TOKEN is proportionate for a cloud API. But the SKILL.md frontmatter's embedded metadata also lists configPaths (~/.config/nemovideo/) as required; the registry metadata stated 'Required config paths: none'. This mismatch could mean the skill expects to read local config (which might contain other secrets) even though the registry didn't advertise it. Generating an anonymous token via the public endpoint is reasonable, but any behavior that reads local config files should be made explicit to users.
- Persistence & Privilege
- ok: Skill does not request always:true, has no install-time persistence, and only asks to save ephemeral session_id data. No evidence it modifies other skills or system-wide settings.
