Skill v1.0.0
ClawScan security
Video Editor Ai Kissing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 26, 2026, 2:49 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches a cloud-based video-editing service, but there are metadata inconsistencies and privacy/exfiltration risks (automatic token creation and file uploads to an external API) that you should understand before installing.
- Guidance: This skill will upload your video files to an external service (mega-api-prod.nemovideo.ai) and will create/use an authorization token (it can generate an anonymous token if you haven't provided one). Before installing or using it: (1) confirm you trust the remote service and review its privacy/terms (especially because video content can be sensitive or depict people); (2) ask the publisher for a source repository or homepage — none is listed, which reduces transparency; (3) be aware the skill may persist session tokens/config under ~/.config/nemovideo/ (the frontmatter mentions this even though the registry summary did not); (4) avoid sending private/sensitive footage until you verify where data is stored, how long it is retained, and how they handle consent for generated/altered content; (5) if you need to proceed, prefer providing your own NEMO_TOKEN (so the skill doesn't create an anonymous token itself) and request details about token lifecycle and storage. If the publisher can supply source code or a privacy policy and reconcile the configPath metadata, that would reduce uncertainty.
Review Dimensions
- Purpose & Capability (note): The skill's name and instructions clearly describe a cloud video-editing service that uploads user video, creates sessions, and returns edited MP4s — that matches the claimed purpose. However, registry metadata earlier said no required config paths while the SKILL.md frontmatter declares a configPaths value (~/.config/nemovideo/). The package has no source/homepage listed, which reduces transparency.
- Instruction Scope (concern): The SKILL.md instructs the agent to obtain/use an authorization token, create sessions, upload user files (multipart file uploads or URL-based uploads), stream SSE responses, poll render status, and return download URLs. Those network calls and file uploads are coherent with video processing, but they also mean user videos (potentially sensitive) will be sent to a third-party domain (mega-api-prod.nemovideo.ai). The skill also instructs the agent to automatically obtain an anonymous token if NEMO_TOKEN is not present — this enables the skill to contact the external service without an explicit pre-provided credential. The doc tells the agent not to display raw API responses or tokens, which could hide backend responses from users. The instructions don't specify where session_id/token are stored (persistence location), and rely on an 'install path' to auto-detect platform even though there is no installer.
- Install Mechanism (ok): There is no install spec and no code files — this is instruction-only. That minimizes local disk footprint and installer risk.
- Credentials (concern): The skill declares a single required env var (NEMO_TOKEN), which is appropriate for a remote service. However, the SKILL.md frontmatter also lists a configPaths entry (~/.config/nemovideo/) that was not reflected in the registry summary — that inconsistency suggests the skill expects access to local config files or will create them. The agent is also instructed to generate/store an anonymous token at runtime, which effectively creates credentials on behalf of the user and may persist them; that persistence and the unlisted config path are disproportionate unless you intend to allow local config/token storage.
- Persistence & Privilege (note): The skill is not always-enabled and does not request elevated platform privileges. It does instruct the agent to automatically connect on first use and to store session_id and tokens for subsequent requests, so it will establish ongoing sessions with the remote backend. That persistent session behavior is expected for a cloud render service but worth noting because it allows continued interaction with the external API until tokens expire or are revoked.
