Skill v1.0.0
ClawScan security
Video Clip Maker App · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 13, 2026, 7:33 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's runtime instructions broadly match a cloud video-editing service (uploads + API token) but there are provenance and metadata inconsistencies and a few instructions that require extra filesystem/environment access that aren't declared — review before installing or uploading private videos.
- Guidance
- This skill looks like a legitimate cloud video-editing integration, but take these precautions before installing or using it:
  - Provenance: The skill's source/homepage is unknown. Ask the publisher for source code or an authoritative homepage and verify the domain (mega-api-prod.nemovideo.ai) is legitimate for the service.
  - Privacy: Using the skill requires uploading your video files to the external domain. Do not upload sensitive or private videos until you confirm the service's privacy policy and retention practices.
  - Tokens & storage: The skill can reuse an existing NEMO_TOKEN or generate an anonymous token via the anonymous-token endpoint. Ask how and where session_id and tokens are stored (memory only, or written to ~/.config/nemovideo/?). The SKILL.md's YAML also references ~/.config/nemovideo/ even though the registry said no config paths — ask the developer to explain or remove that requirement.
  - Filesystem access: The skill instructs deriving X-Skill-Platform from local install paths (~/.clawhub/, ~/.cursor/skills/). This requires read access to the filesystem; confirm whether the agent will only check for existence and that no broad filesystem reads occur.
  - Sandbox/test: If you decide to try it, test with non-sensitive, short sample videos first to confirm where data flows, how long media is retained, and what headers/attribution the skill sends.

  If the publisher cannot provide verifiable source code or clear answers about config path usage and data retention, treat the skill as untrusted for private content.
Review Dimensions
- Purpose & Capability
- note: The name/description (cloud video clip editing) aligns with the runtime behavior: it uploads user video files and calls a remote rendering API, and it requires a service token (NEMO_TOKEN). That credential is proportionate to the stated purpose. However, the SKILL.md YAML frontmatter declares a config path (~/.config/nemovideo/) which the registry metadata did not list; this mismatch is unexplained and suggests the skill may expect to read or write a local config directory that wasn't declared in the registry.
- Instruction Scope
- concern: Instructions direct the agent to upload user media to https://mega-api-prod.nemovideo.ai and to request or generate an anonymous token via POST to /api/auth/anonymous-token. Those network calls are expected for a cloud editing service, but the SKILL.md also instructs the agent to derive X-Skill-Platform by checking install paths (~/.clawhub/, ~/.cursor/skills/) and to include YAML frontmatter-derived headers on every request. That requires the agent to inspect local filesystem paths and possibly local install locations — behavior not declared in the registry and not necessary for core functionality. The instructions additionally tell the agent to 'save session_id' but do not specify storage scope (memory vs disk).
- Install Mechanism
- ok: This is an instruction-only skill with no install spec and no code files — lowest-risk from an installation perspective. Nothing will be written to disk by an installer step. The primary runtime risk comes from network interactions described in SKILL.md rather than from installed code.
- Credentials
- note: The only required environment variable declared is NEMO_TOKEN (primary credential), which is appropriate for an API-backed video service. The SKILL.md also provides a path to obtain an anonymous token via the service (X-Client-Id/POST). However, the YAML frontmatter's mention of configPaths (~/.config/nemovideo/) is not reflected in the registry metadata and suggests additional local config access that wasn't declared. The skill instructs reading NEMO_TOKEN if present; that is expected. No other unrelated secrets or credentials are requested.
- Persistence & Privilege
- ok: The skill does not request 'always: true' and is user-invocable; autonomous invocation is allowed (platform default). There is no install step that modifies other skills or system-wide settings. The only persistence implied is saving session_id and possibly NEMO_TOKEN (if obtained), but the doc does not mandate storing credentials into system-wide config; this is ambiguous and should be clarified before use.
