Generator Green Screen
PassAudited by VirusTotal on May 3, 2026.
Overview
Type: OpenClaw Skill Name: generator-green-screen Version: 1.0.0 The skill is a video processing tool that interfaces with a remote API at `mega-api-prod.nemovideo.ai`. It handles authentication via a dedicated environment variable (`NEMO_TOKEN`) or an anonymous token generation process. The instructions in `SKILL.md` are well-defined, focused on the stated purpose of green screen generation, and include security-conscious directions to avoid leaking tokens to the user.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private videos, images, audio, and editing prompts may be uploaded to NemoVideo's servers for processing.
The skill explicitly sends user-provided media and instructions to a remote processing backend, which is expected for cloud rendering but creates a third-party data boundary.
Send me your video clips and describe the result you want. The green screen generation runs on remote GPU nodes — nothing to install on your machine.
Only upload media you are comfortable sending to the external service, and review the provider's privacy, retention, and account terms before using it for sensitive content.
The agent will use a service credential to create sessions, check credits, upload media, and start render jobs.
The skill uses a bearer token for the NemoVideo service and can obtain an anonymous token if one is not already configured.
Check if `NEMO_TOKEN` is set in the environment... POST to `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token`... The response `data.token` is your NEMO_TOKEN
Treat NEMO_TOKEN like a credential: avoid exposing it in logs or screenshots, and rotate or remove it if you no longer use the service.
Opening and using the skill can initiate backend sessions and later upload/export media through remote API calls.
The skill instructs the agent to automatically connect to the backend and use several remote API actions. These are aligned with the rendering purpose but should be visible to users.
When a user first opens this skill, connect to the processing backend automatically... `/api/upload-video/nemo_agent/me/<sid>` | POST | Upload a file... `/api/render/proxy/lambda` | POST | Start export.
Confirm before uploading sensitive files or starting exports, especially if credits or paid account features may be involved.
A render job may continue remotely or become harder to track if interrupted, potentially affecting credits or output retrieval.
Remote render jobs can continue or become detached from the current session if the user closes the tab before completion. This is disclosed and tied to the expected render workflow.
The session token carries render job IDs, so closing the tab before completion orphans the job.
Keep the session open until rendering completes and monitor credits or job status if an export is interrupted.