ClawHub

IMA AI Video Generator — Short & Promo Video, Text to Video, Image to Video Generation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed IMA video-generation integration, with expected API-key and media-upload behavior but some credential-handling hygiene to watch.

Install only if you intend to send prompts, selected media, and an IMA API key to IMA Studio services. Avoid running commands that print your full API key, do not share logs or screenshots containing local paths or credentials, and use a scoped or test key when evaluating the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The keyword file is packed with broad, generic phrases such as 'AI video generator', 'video generator', 'short video generator', and 'image to video' that are likely to match many ordinary user requests. This can cause the skill to activate too often, hijack unrelated prompts, or be selected over more appropriate tools, which increases the attack surface and can lead to unintended data flow to the skill or degraded agent routing.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The troubleshooting guide explicitly instructs users to run `echo "$IMA_API_KEY"`, which prints a live credential to the terminal and increases the chance of shoulder-surfing, screen recording capture, shell log capture, or accidental inclusion in screenshots and support transcripts. In this skill context, users are likely debugging authentication issues and may share terminal output with others, making credential exposure more likely rather than theoretical.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The code logs full local file paths when preparing media uploads, which can expose sensitive filesystem information such as usernames, directory structures, project names, or mounted secret locations in logs. While this is primarily an information disclosure issue rather than direct code execution, logs are often broadly accessible in CI, support, or shared runtime environments, making the leakage meaningful.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The function reads local files or raw bytes and uploads them to remote object storage whenever an API key is present, but this file provides no explicit consent, warning, or policy guard before exfiltrating local media. In a skill that accepts user-supplied paths and media inputs, this behavior can cause unintended transfer of local content to a third-party service, which is a real privacy and data-handling risk even if it is expected product behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal