Best Free Video Generation Apps

Security checks across malware telemetry and agentic risk

Overview

This looks like a real cloud video generation skill, but it can automatically open third-party sessions and broadly route user prompts or media to an external service without enough scoping or consent.

Install only if you intend to use NemoVideo's cloud service for generation and editing. Avoid private, confidential, or rights-sensitive prompts and media unless you trust that provider, and use a dedicated NEMO_TOKEN where possible. Confirm before uploads, generation, or export so ordinary media-editing requests are not unintentionally sent to the external API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill declares access to a bearer token from the environment and a local config path, which exceeds what a user would reasonably expect from a simple prompt-to-video helper. This expands the trust boundary to local secrets and files, creating risk of unintended credential use or disclosure if the skill is invoked broadly or modified later to read additional local state.

Description-Behavior Mismatch

Medium
Confidence: 87%
Finding
The marketed purpose is narrow, but the implementation performs authentication, session creation, state polling, credit inspection, and export-plan logic. That mismatch can mislead users about the scope of actions taken on their behalf and increases the chance that account-affecting or privacy-relevant operations happen without informed consent.

Vague Triggers

Medium
Confidence: 84%
Finding
Routing 'everything else' to the SSE action is an overly broad trigger that can cause the skill to activate on unrelated user messages. In this skill, unintended invocation is more dangerous because activation initiates external API interactions and may use existing tokens or create sessions automatically.

Vague Triggers

Medium
Confidence: 80%
Finding
The suggested phrase 'tell me what you're thinking' is vague everyday language that could overlap with normal conversation, increasing the likelihood of accidental invocation. While not directly exfiltrating data on its own, it widens the path to unintended uploads or session creation when combined with the skill's automatic setup behavior.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill encourages users to share prompts or images, but does not clearly warn that this content will be transmitted to a third-party cloud API. Users may submit sensitive images or proprietary text under the mistaken assumption that processing is local or limited to the assistant.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill automatically acquires a token and connects to an external API before doing anything else, without clear upfront disclosure that authentication and remote processing will occur. This is privacy- and account-relevant behavior, and in context it is especially risky because it can happen prior to meaningful user consent.

VirusTotal

62/62 vendors flagged this skill as clean.
