Skill v1.0.0

ClawScan security

Image To Video Best · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 19, 2026, 9:50 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared purpose (convert images to videos) matches its network calls and required token, but there are a few inconsistencies and privacy/automation concerns you should know about before installing.
Guidance
This skill appears to do what it says (upload your images to a third‑party backend to produce videos), but it will send your images and prompts to mega-api-prod.nemovideo.ai and may automatically obtain an anonymous NEMO_TOKEN if you haven't provided one. Before installing or using it: 1) be comfortable with sending any images you provide to that external service (avoid sensitive or private images), 2) consider supplying your own NEMO_TOKEN rather than allowing automatic anonymous token creation, 3) ask where session_id/token will be stored and for how long (the SKILL.md says to 'store' them but is vague), and 4) note the metadata mismatch about a config path (~/.config/nemovideo/) — verify whether the skill will read/write that directory. If you need stronger guarantees about data handling, contact the skill author or prefer a skill that runs locally.

Review Dimensions

Purpose & Capability
note: The skill's requirements (NEMO_TOKEN, calls to mega-api-prod.nemovideo.ai) align with an image→video cloud-rendering service. However, the SKILL.md frontmatter declares a config path (~/.config/nemovideo/) while registry metadata shows 'Required config paths: none' — this mismatch is inconsistent. Requiring only NEMO_TOKEN is proportionate to the stated purpose.
Instruction Scope
concern: Instructions direct the agent to upload user images, create sessions, stream edits via SSE, and poll for export results on a third-party API (mega-api-prod.nemovideo.ai). That's expected for cloud rendering, but the skill also instructs the agent to automatically obtain an anonymous token if NEMO_TOKEN is not set (network call and credential creation without explicit user opt-in). The skill will transmit user files and prompts off‑platform; users should be made aware of data exfiltration/privacy implications. The instructions also say to 'store the returned session_id' but do not specify where or for how long — potential persistence/privacy ambiguity.
Install Mechanism
ok: No install spec and no code files — instruction-only. This minimizes local installation risk (nothing is written to disk by an installer). Network activity still occurs at runtime per SKILL.md.
Credentials
note: Only one environment variable (NEMO_TOKEN) is declared and used, which is appropriate. The skill, however, will auto-create an anonymous token via the service API when no NEMO_TOKEN is present — this is functionally reasonable but worth flagging because it implies the agent will make outbound network calls and obtain credentials automatically. The frontmatter references a config path which may suggest optional local storage, but registry metadata did not declare it.
Persistence & Privilege
note: always:false (normal). The skill recommends storing session_id and implicitly persisting the anonymous token if obtained, but it doesn't request 'always:true' or other elevated privileges. Autonomous invocation is allowed (platform default) — combined with automatic token generation and network upload of user images, this increases the blast radius if misused, so be cautious.