Skill v1.0.0

ClawScan security

Best Video Subtitle Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 12, 2026, 2:01 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (cloud subtitle/rendering) aligns with the environment variable and runtime instructions, and nothing required looks disproportionate. However, the skill is instruction-only and the backend/domain are from an unknown source, so exercise normal caution before sending sensitive videos or credentials.
Guidance
This skill appears internally consistent for generating and embedding subtitles via the nemo video backend, but it will upload your video files to an external service. Before using it: (1) confirm you trust the nemo backend domain and its privacy/data-retention policy, (2) only set a NEMO_TOKEN you control (do not reuse general-purpose secrets), (3) avoid sending sensitive or private videos unless you know how they will be stored/used, and (4) be aware that the skill may automatically obtain an anonymous token if no NEMO_TOKEN is present and will try to detect an install path to populate an attribution header. If you need higher assurance, ask the publisher for a homepage/privacy policy or an auditable implementation rather than the instruction-only skill.

Review Dimensions

Purpose & Capability
ok
Name/description (video subtitle + rendering) match the runtime instructions: all API calls, uploads, session creation, and exports are to the nemo video backend. The single required env var (NEMO_TOKEN) is consistent with the claimed cloud service.
Instruction Scope
note
Instructions describe uploading user video content, creating sessions, SSE chat, polling exports, and optionally obtaining an anonymous token from the service if NEMO_TOKEN is absent. This stays within the stated purpose. Two minor scope items to note: (1) it instructs the agent to detect the install path to set an X-Skill-Platform header (reading that path is out-of-band metadata access), and (2) it tells the agent to keep technical details out of the chat (i.e., perform API activity quietly). Neither is obviously malicious, but they reduce transparency.
Install Mechanism
ok
No install spec and no code files: the skill is instruction-only. This minimizes disk-write/execute risk. The skill relies entirely on runtime HTTP calls to the external API.
Credentials
ok
Only a single credential (NEMO_TOKEN) is declared and used for the API; if absent, the skill requests an anonymous token directly from the service. No unrelated secrets or broad system paths are requested.
Persistence & Privilege
ok
always:false and no instructions to modify other skills or system-wide config. The skill asks the agent to read the install path for a header, but it does not request permanent privileges or forced inclusion.