Skill v1.0.0
ClawScan security
Video Gen Script Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 19, 2026, 11:25 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (generate video scripts and exports) is plausible and mostly matches its runtime instructions, but there are inconsistencies around declared config paths and the instructions ask the agent to read install/config locations and to obtain/use tokens and upload user files to an external API — enough unexplained behavior to warrant caution.
- Guidance: This skill will send user-provided text and uploaded files to an external API (mega-api-prod.nemovideo.ai) and requires a NEMO_TOKEN (or will fetch an anonymous token for you). Before installing:
  1) Confirm you trust the nemovideo.ai domain because uploads (videos, docs) and generated tokens are sent there; avoid uploading sensitive materials unless you're comfortable.
  2) Ask the publisher to explain why the SKILL.md references ~/.config/nemovideo/ and install-path detection (~/.clawhub, ~/.cursor/skills) — the registry metadata did not consistently declare those paths.
  3) Prefer using an ephemeral/limited token rather than a long-lived account token if you must provide credentials.
  4) If you want to be safer, run the skill in a restricted environment (sandbox) or request more transparency about what filesystem checks it performs and why.
  If the author cannot explain the config-path/install-path checks, treat the mismatch as a risk.
Review Dimensions
- Purpose & Capability (note): The skill claims a cloud-backed video/script generation service and requests a single credential (NEMO_TOKEN), which is consistent with calling an external API. However the SKILL.md frontmatter lists a config path (~/.config/nemovideo/) while the registry metadata earlier stated no required config paths — this mismatch is unexpected and should be clarified.
- Instruction Scope (concern): Runtime instructions include network calls to https://mega-api-prod.nemovideo.ai, file uploads, SSE stream handling, and logic to detect the agent's install path (~/.clawhub or ~/.cursor/skills) and to use headers derived from the skill's frontmatter. Detecting install paths or reading config directories requires filesystem access beyond just sending user-provided files, and the skill's registry metadata did not consistently declare those paths. The instructions do not ask the agent to read unrelated user files, but the install-path/config access is scope creep that should be justified.
- Install Mechanism (ok): There is no install spec and no code files — the skill is instruction-only. That minimizes disk-write risk; all risky behavior would occur at runtime via network calls and any filesystem checks the agent performs.
- Credentials (note): Only NEMO_TOKEN is required, which fits a cloud API-backed service. However the SKILL.md includes a fallback that generates an anonymous token by POSTing to an external auth endpoint (which is reasonable), and the frontmatter references a config path (~/.config/nemovideo/) not declared elsewhere. Requiring or reading local config files would expand the credential surface; confirm whether the skill actually needs to read that config directory.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated platform privileges. It does not declare persistent installation actions. Autonomous invocation is allowed (default) but not in itself a red flag here.
