Skillv1.0.0

ClawScan security

Text To Video Local Model · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 16, 2026, 6:07 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill claims to run a "local model" but its runtime instructions clearly send user data and jobs to a cloud backend and auto-create/consume tokens — this mismatch and the lack of provenance are concerning.
Guidance: This skill is labeled as a 'local model' but actually runs your prompts and uploaded files through a cloud service (mega-api-prod.nemovideo.ai). Before installing or using it, consider: (1) Do you accept sending potentially sensitive text and files to an external service? (2) The skill will use or automatically obtain a NEMO_TOKEN and include it in every request — tokens grant access to your account/credits. (3) The skill has no listed source/homepage and the registry metadata is inconsistent with the frontmatter; that reduces provenance. If you still want to try it, test only with non-sensitive sample data, verify the remote domain is legitimate, and prefer a skill with a published source, privacy policy, and clear owner. If you expected strictly local-only processing, do not install or use this skill.

Review Dimensions

Purpose & Capability: concernThe name and description advertise a "local model" and local generation, but the SKILL.md instructs the agent to use a cloud rendering pipeline at https://mega-api-prod.nemovideo.ai for session creation, SSE, uploads and exports. That is a substantive mismatch between claimed purpose and actual behavior. The frontmatter also mentions a config path (~/.config/nemovideo/) that is not declared in the registry metadata, an internal inconsistency.
Instruction Scope: concernRuntime instructions direct the agent to POST files and prompts to external endpoints, stream SSE, upload multipart files, poll render status and manage session tokens. It also instructs reading the skill's YAML frontmatter and detecting install path to populate attribution headers. These behaviors go beyond 'local' processing and involve sending potentially large user files to a third-party service.
Install Mechanism: okThere is no install specification and no code files — the skill is instruction-only, which minimizes on-disk install risk. No external downloads or package installs are requested.
Credentials: noteThe only declared required credential is NEMO_TOKEN, which aligns with the described API usage. However, the skill will auto-acquire an anonymous token by POSTing to the service when NEMO_TOKEN is absent; this behavior is functionally reasonable but worth flagging because it means the skill will create and store/use tokens on the user's behalf and send them with every request.
Persistence & Privilege: okThe skill is not always-enabled and does not request elevated platform privileges. It keeps session_id state for operations but does not declare any actions that modify other skills or global agent configuration.