Podcast Video Editing Software
v1.0.0Turn a 45-minute raw podcast recording with two speakers into 1080p polished podcast videos just by typing what you need. Whether it's editing raw podcast re...
⭐ 0· 49·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill only asks for a single service credential (NEMO_TOKEN) and its SKILL.md describes uploading media to a remote rendering backend; that matches the stated goal of cloud podcast video editing. One minor inconsistency: the registry metadata lists no required config paths, but the SKILL.md frontmatter includes a configPaths entry (~/.config/nemovideo/).
Instruction Scope
Runtime instructions focus on authenticating, creating a session, uploading media, sending edit commands, polling render status, and returning a download URL — all expected for this purpose. They explicitly instruct automatically obtaining an anonymous token via the nemovideo API if NEMO_TOKEN is not set and to store session_id and token for subsequent requests. This implies user files and metadata will be transmitted to an external service (nemovideo.ai), which is expected but important for privacy.
Install Mechanism
No install spec or code is included (instruction-only skill), so nothing will be written to disk by the skill itself during install. This minimizes install-time risk.
Credentials
Only one credential is required (NEMO_TOKEN) which is proportional to the described cloud API usage. The SKILL.md also describes auto-creating an anonymous token when none is present — the skill will contact an external API to obtain and then store a token. The exact storage location/permission model is not specified (and the registry metadata/configPaths are inconsistent), so confirm how/where tokens and session IDs are persisted.
Persistence & Privilege
The skill is not marked always:true and uses the platform's normal autonomous invocation settings. It does not request system-wide modifications or other skills' credentials. Autonomous invocation plus external network access increases blast radius if the backend were malicious, but that is expected for a cloud editing skill.
Assessment
This skill appears to do what it claims: it will upload your recordings to an external GPU-backed service (https://mega-api-prod.nemovideo.ai) and use a NEMO_TOKEN to authenticate. Before installing or using it: (1) verify the service/domain (nemovideo.ai) and check its privacy/TOS to understand how long uploads are stored and who can access them; (2) confirm where the skill stores the anonymous token/session_id (environment, config file, or memory) and whether those files are protected; (3) be cautious about uploading sensitive or confidential audio/video to a third-party service; (4) ask the skill author to resolve the metadata inconsistency around configPaths and to document token storage and deletion policies. If you need stronger assurances, request source code or an official homepage for independent review.Like a lobster shell, security has layers — review code before you run it.
latestvk975z6bradhgf312df498aj3c184qwkw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🎙️ Clawdis
EnvNEMO_TOKEN
Primary envNEMO_TOKEN