ClawHub

Video Generator

Security checks across malware telemetry and agentic risk

Overview

The skill appears related to video generation and website asset collection, but it gives agents broad network and public-sharing authority without enough user control or warnings.

Install only if you are comfortable with the agent scraping target sites, downloading external assets, using a Firecrawl API key, and potentially creating a public tunnel to a local preview server. Require explicit approval before any tunnel is opened, stop it after use, avoid sensitive projects, and do not provide internal/private URLs or credentials unless the workflow has been tightened.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs exposing a local Remotion development server through a public Cloudflare tunnel, which turns a local service into an internet-reachable endpoint. A dev server can expose source code, local assets, debug functionality, and potentially unintended filesystem or environment-derived data, making this broader and riskier than simple video generation.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill tells the agent to fetch arbitrary user-provided URLs with `curl`, enabling unrestricted outbound requests beyond the declared Firecrawl integration. This can be abused for SSRF-like access to internal services, retrieval of sensitive local-network resources, or downloading malicious/untrusted content into the project workspace.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
Manual direct downloads of arbitrary image URLs extracted from scraped pages expand the skill from structured scraping into general-purpose network retrieval. That increases exposure to malicious URLs, internal-address fetches, oversized payloads, and untrusted content handling without any declared constraints or warnings.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill recommends publicly tunneling a local dev server without an explicit user warning about privacy, exposure scope, or the fact that anyone with the URL may reach the service. In the context of a development server, that omission is dangerous because users may unknowingly expose unpublished content, local project files, or interactive endpoints to the internet.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill requires website scraping and asset downloading but does not clearly warn the user that it will send requests to external services and transfer website content to local storage or third-party APIs. This matters because users may not expect external network activity, data retention, or possible transmission of target URLs and content to Firecrawl.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The skill depends on `FIRECRAWL_API_KEY` but does not include explicit guidance about secret handling, such as not printing the key, not embedding it in generated files, and not exposing it via logs or public endpoints. In a workflow that also starts servers and tunnels, poor secret hygiene raises the chance of accidental credential disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal