Pixcli Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed creative-media workflow that uses a remote pixcli service and Remotion templates, with privacy and overwrite cautions users should understand.

Install only if you are comfortable using a remote AI media service. Do not send secrets, regulated data, private customer content, or unreleased media unless approved. Prefer PIXCLI_API_KEY in the environment over --key, and check output filenames before running render or ffmpeg commands that may overwrite files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill encourages use of a remote CLI service for generating images, video, voice, music, and optional search-grounded outputs, but it does not clearly warn that prompts, uploaded files, and possibly search-related data are transmitted to third-party services. In an agent setting, that can lead to accidental exfiltration of sensitive text, images, audio, or proprietary assets when users assume processing is local.

Missing User Warnings

Low
Confidence: 90%
Finding
The documentation shows use of an API key and also documents a global `--key` flag, but it does not warn against exposing credentials in shell history, logs, screenshots, or command output. In agent workflows, secrets passed on the command line or echoed in transcripts can be inadvertently retained or disclosed.

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation explicitly supports sending prompts, source images, and arbitrary paths/URLs to remote generation APIs, but it gives no warning that this may transmit sensitive local media, proprietary content, or user-supplied URLs to third-party services. In an agent context, this is more dangerous because agents may automatically forward files or URLs without the user understanding the privacy, retention, or external-sharing implications.

Missing User Warnings

Low
Confidence: 84%
Finding
The command reference documents `--key <api_key>` as a direct CLI argument but does not warn that command-line arguments can be exposed via shell history, process listings, logs, and agent traces. In an automation or agent setting, this increases the chance of accidental credential disclosure and downstream account misuse.

Missing User Warnings

Medium
Confidence: 88%
Finding
The `--search` examples encourage sending prompts about brands, products, or current events to external search-backed services without disclosing that prompt content and related query data may leave the local environment. In an agentic setting, users may include confidential campaign plans, unreleased products, or sensitive brand context in prompts, creating a real privacy and data-handling risk.

Missing User Warnings

Medium
Confidence: 83%
Finding
The `ffmpeg` example uses `-y`, which forces overwrite of the output file without confirmation. In automation or repeated runs, this can silently destroy an existing `social-post.mp4` or clobber a user-selected output path, causing data loss and making accidental misuse easier.

VirusTotal

64/64 vendors flagged this skill as clean.
