Best Video Gen Script

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud video-generation workflow that can send prompts and media to NemoVideo, but it starts remote sessions automatically and under-discloses that behavior to users.

Install only if you are comfortable with prompts, files, and render metadata being sent to NemoVideo's cloud service. Avoid confidential or regulated media unless you have verified the provider's retention and deletion terms, and require the agent to ask before creating sessions, uploading files, or exporting videos.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

High
Confidence: 95%
Finding
The manifest advertises simple script generation, but the body documents materially broader capabilities: remote authentication, session management, file handling, state inspection, and video export. This mismatch can cause users or host platforms to grant trust and permissions under false assumptions, increasing the chance of unintended data exposure or unauthorized remote processing.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
The skill automatically acquires anonymous tokens and creates backend sessions even though its stated purpose is prompt-to-script generation. Silent authentication to a third-party service expands the trust boundary and can initiate external processing without the user understanding that their requests are being sent off-platform.

Description-Behavior Mismatch

High
Confidence: 96%
Finding
The documentation describes a cloud rendering pipeline that produces downloadable MP4s, which is substantially different from merely generating text scripts. This hidden expansion of capability increases the risk of users submitting sensitive media or content to a remote service they did not expect to be involved.

Context-Inappropriate Capability

High
Confidence: 95%
Finding
Supporting uploads of videos, images, and audio is inconsistent with a narrowly described script-generation skill and materially raises the sensitivity of handled data. Users may provide personal or proprietary media believing they are using a text tool, leading to unexpected exfiltration to the backend service.

Vague Triggers

Medium
Confidence: 82%
Finding
The invocation examples are broad and generic enough to match ordinary conversation, which increases the risk of accidental activation. Unintended triggering is more dangerous here because the skill can authenticate externally and begin remote workflows without a clear, specific user request for those actions.

Vague Triggers

Medium
Confidence: 90%
Finding
The catch-all routing rule sends 'everything else' to SSE processing, creating an overly permissive trigger surface. This can cause unrelated user text to be forwarded to the backend, increasing the chance of accidental data disclosure and unintended edits or remote actions.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill performs automatic network authentication and session creation without a clear user-facing disclosure that content will be sent to an external API. This is dangerous because users may reveal sensitive prompts or media under the assumption that processing is local or limited to script drafting.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill supports cloud rendering and downloadable outputs but does not warn users that uploaded files and generated assets are remotely processed. For media content, this materially increases privacy and confidentiality risk because personal or proprietary files may leave the local environment without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.
