Video Filter Effects
PassAudited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill Name: video-filter-effects Version: 1.0.0 The skill provides a functional interface for a cloud-based video processing service hosted at nemovideo.ai. It includes detailed instructions for the AI agent to handle anonymous authentication, session management, and video rendering workflows. The requested permissions (NEMO_TOKEN and network access to the service's API) are directly aligned with the stated purpose of applying video filters, and there are no indicators of malicious behavior such as data exfiltration, unauthorized local execution, or harmful prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the agent may send selected media to the cloud and initiate export jobs on the user's behalf.
The skill instructs the agent to automatically create a cloud session and call upload/export APIs. These actions are central to the video-filtering purpose, but they can upload files, start processing jobs, and potentially consume service credits.
On first use, set up the connection automatically... `/api/upload-video/nemo_agent/me/<sid>` | POST | Upload a file... `/api/render/proxy/lambda` | POST | Start export.
Use clear prompts and consider asking the agent to confirm before uploading large/private files or starting exports.
Anyone who obtains the token could potentially use the associated backend session or credits.
The skill relies on a bearer token for the NemoVideo backend. This is expected for the service and the instructions explicitly say not to expose the token, but it is still account/session authority.
Every API call needs `Authorization: Bearer <NEMO_TOKEN>`... Don't expose tokens or raw API output.
Keep NEMO_TOKEN private, avoid pasting it into chat, and rotate or remove it if you believe it was exposed.
Videos, images, audio, and prompts submitted for editing may leave the local device and be processed by the cloud backend.
The workflow sends user media and editing instructions to an external cloud provider. This is clearly disclosed and purpose-aligned, but uploaded videos may contain sensitive personal or business content.
This tool takes your video clips and runs AI filter application through a cloud rendering pipeline. You upload, describe what you want, and download the result.
Only upload media you are comfortable sending to NemoVideo's cloud service, especially if it contains private people, locations, client work, or confidential material.
It is harder to independently verify who maintains the skill or review its external service documentation.
The registry metadata does not provide a source repository or homepage. Because there are no code files, this is a provenance notice rather than evidence of unsafe behavior.
Source: unknown; Homepage: none
Verify that you trust the listed service domain and avoid using the skill with sensitive media if you cannot validate the provider.