Skill v1.0.0
ClawScan security
Free Product Video · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 6:24 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches its description (it uploads images/videos to a remote rendering API and requires a NEMO_TOKEN), but there are provenance and privacy concerns (no homepage/author info) and the instructions will send user media and session metadata to an external service. The overall package is coherent but lacks external verification.
- Guidance: This skill will upload your images/videos and session metadata to an external API (mega-api-prod.nemovideo.ai). That is expected for a cloud-rendering video service, but note: (1) there is no homepage or author information listed, so you should verify the service/operator before sending sensitive media; (2) the skill can use your NEMO_TOKEN if provided or obtain a short-lived anonymous token itself, so consider whether you want to supply a token and understand how to revoke it; (3) the skill reads its own frontmatter and attempts to detect install paths for attribution headers, which requires filesystem access, so ensure you trust the runtime environment; (4) if privacy or IP ownership of product images matters, review the service’s terms/privacy policy (not provided here) before uploading. If you want to proceed cautiously, test with non-sensitive sample images and confirm the download URLs and retention policy with the service operator.
Review Dimensions
- Purpose & Capability (ok): The skill claims to create product videos from images and its runtime instructions map directly to that purpose: upload files, create a session, send edits, poll for render status, and return a download URL. The sole required env var (NEMO_TOKEN) aligns with authenticating to the declared backend API.
- Instruction Scope (note): Instructions explicitly upload user files and all rendering happens on the remote service at mega-api-prod.nemovideo.ai. The skill also instructs the agent to read its own frontmatter for attribution and to detect the agent install path (~/.clawhub or ~/.cursor/skills) to set an X-Skill-Platform header. These are reasonable for attribution but require filesystem access. The skill also implements an anonymous-token flow if NEMO_TOKEN is absent, meaning the agent will make outbound network calls to obtain credentials; this is expected but worth noting for privacy.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files, so nothing is written to disk or downloaded by the skill itself. That lowers installation risk.
- Credentials (note): Only one credential is declared (NEMO_TOKEN), which fits the API usage. The skill also offers to obtain an anonymous token automatically. The frontmatter lists a config path (~/.config/nemovideo/) that isn't clearly used in the instructions; this is not critical but slightly unexpected. Overall credential requests are proportional, but you will be uploading potentially sensitive media to an external service.
- Persistence & Privilege (ok): The skill does not request always:true, does not install services, and does not attempt to change other skills' settings. Autonomous invocation is allowed (platform default) but not combined with elevated persistence.
