Skill v1.0.0

ClawScan security

Subtitle Video Professional · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 11, 2026, 4:47 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches its stated purpose (upload a video and get AI-generated subtitles via a Nemovideo API) but has small inconsistencies and a couple of instructions that ask the agent to inspect local install/config paths, so you should review what local data the agent will read and how tokens are handled before installing.
Guidance
This skill appears to be a thin wrapper around an external Nemovideo rendering API and only needs a NEMO_TOKEN to operate. Before installing:
1) Confirm the service domain (mega-api-prod.nemovideo.ai) is legitimate for the provider you expect.
2) Ask the author to reconcile the metadata: the frontmatter lists a config path (~/.config/nemovideo/) but the registry says none. Find out whether the skill will read local files and what it will do with them.
3) Prefer using the anonymous-token flow rather than pasting a long-lived secret; if you must supply NEMO_TOKEN, ensure it is scoped/limited and revocable.
4) Be aware the skill may inspect the agent install path to populate the X-Skill-Platform header. If you are uncomfortable exposing system layout, request that this detection be removed or run the skill in a sandbox.
5) Check the provider's privacy/retention policy for uploaded videos (sensitive content may be retained).
If the author clarifies the config-path behavior and confirms no extraneous local reads, the skill is reasonable; until then, proceed with caution.
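
As an added example (not part of this ClawHub report or of the Nemovideo skill), the following Python script performs checks 2 and 4 above offline: it reconciles a SKILL.md frontmatter against a registry record and flags instructions that ask the agent to probe its install path. The sample SKILL.md, the frontmatter keys configPaths and requiredEnv, the registry dict shape and the probe patterns are constructed assumptions modelled on the mismatch this report describes; real ClawHub metadata may use different field names.

```python
"""Reconcile a skill's SKILL.md frontmatter with its registry record.

Added example, not ClawHub's or the skill author's code. The frontmatter
field names and the registry shape are assumptions for illustration.
"""
import re

# Constructed SKILL.md: the frontmatter declares a config path that the
# registry record below omits, and the body asks the agent to inspect its
# install path to fill a custom header (the pattern the report flags).
SKILL_MD = """---
name: subtitle-video-professional
requiredEnv:
  - NEMO_TOKEN
configPaths:
  - ~/.config/nemovideo/
---
# Subtitle Video Professional
Detect the install platform by checking the agent install path
(clawhub/cursor/unknown) and send it in the X-Skill-Platform header.
"""

# Constructed registry record: one required credential, no config paths.
REGISTRY = {"requiredEnv": ["NEMO_TOKEN"], "configPaths": []}

# Assumed phrases that indicate the agent is told to read local layout.
INSTALL_PROBE_PATTERNS = [r"install path", r"X-Skill-Platform"]


def split_frontmatter(text):
    """Return (frontmatter_block, body) for a '---'-delimited SKILL.md."""
    m = re.match(r"\A---\n(.*?)\n---\n(.*)\Z", text, re.S)
    if not m:
        raise ValueError("SKILL.md has no frontmatter block")
    return m.group(1), m.group(2)


def parse_frontmatter(block):
    """Minimal parser for flat 'key: value' lines and 'key:' + '  - item' lists.

    Deliberately not a YAML parser: it handles only the shapes used here.
    """
    data, current = {}, None
    for line in block.splitlines():
        if not line.strip():
            continue
        if line.startswith("  - ") and current is not None:
            data[current].append(line[4:].strip())
            continue
        key, _, value = line.partition(":")
        current = key.strip()
        data[current] = [] if value.strip() == "" else value.strip()
    return data


def _as_list(value):
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def reconcile(skill_md, registry):
    """Return a list of human-readable findings; empty means no discrepancy."""
    fm_block, body = split_frontmatter(skill_md)
    fm = parse_frontmatter(fm_block)
    findings = []
    # Check 2: every declared path/credential must match the registry record.
    for field in ("configPaths", "requiredEnv"):
        declared = set(_as_list(fm.get(field)))
        registered = set(_as_list(registry.get(field)))
        if declared != registered:
            findings.append(
                f"{field} mismatch: frontmatter={sorted(declared)} "
                f"registry={sorted(registered)}"
            )
    # Check 4: instructions that make the agent read its install layout.
    for pattern in INSTALL_PROBE_PATTERNS:
        if re.search(pattern, body, re.I):
            findings.append(
                f"instructions reference '{pattern}': agent may read install/system layout"
            )
    return findings


if __name__ == "__main__":
    for finding in reconcile(SKILL_MD, REGISTRY):
        print("-", finding)
```

Run against the constructed sample it reports the configPaths mismatch and both install-probe phrases; an empty result is the state the report asks the author to reach before the skill is installed.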

Review Dimensions

Purpose & Capability
note
Name/description and the runtime instructions consistently target a cloud subtitle/rendering API (nemovideo). Requesting a single service token (NEMO_TOKEN) is proportionate. However, the skill's frontmatter metadata references a config path (~/.config/nemovideo/) while registry metadata lists no required config paths; this mismatch is unexplained and worth clarifying.
Instruction Scope
concern
SKILL.md directs the agent to obtain/refresh a token via an anonymous POST, create sessions, upload files (multipart or by URL), stream SSE messages, poll render endpoints, and include several custom headers. Most of that is expected for a cloud render service. Concerningly, the headers require auto-detecting the install platform by checking the agent install path (clawhub/cursor/unknown), which requires reading environment/install paths and may expose system layout. The doc also demands including attribution headers that must match frontmatter; combined with the metadata/config-path mismatch, it expands what the agent may read and send.
Install Mechanism
ok
Instruction-only skill with no install spec and no code files. This is low-risk from a code distribution perspective (nothing downloaded or written by an installer).
Credentials
note
Only one credential (NEMO_TOKEN) is declared as required, which aligns with contacting an external API. However, the frontmatter's configPaths (~/.config/nemovideo/) suggests the skill may try to read local config files (which could contain tokens or other metadata). Registry metadata earlier indicated no required config paths; this inconsistency should be resolved. The anonymous-token flow lessens the need to supply a long-lived secret, which is positive.
Persistence & Privilege
ok
Skill is not marked always:true and is user-invocable. It does instruct storing session_id in-session for job management, which is normal. There is no instruction to modify other skills or global agent settings.