ClawHub

Free Viral Title Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is framed as a viral title helper but also directs the agent to use a third-party cloud video service with tokens, uploads, rendering, exports, and broad routing rules.

Review before installing. Use it only if you intend to send prompts and media to Nemovideo's cloud backend and are comfortable with token use, possible credit consumption, remote sessions, and exported download links. Avoid sensitive or proprietary videos unless you trust the provider, and require explicit confirmation before connection, upload, render, export, or credit-consuming actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The manifest presents the skill as a harmless viral title generator, but the body defines a substantially different capability set: authentication, session creation, upload, editing, rendering, and export. This mismatch is dangerous because it can mislead users and the host agent into granting access, credentials, and files under false pretenses, enabling covert data transfer and unintended remote actions.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The examples instruct the agent to generate and export videos even though the advertised purpose is title suggestion. These contradictory workflows expand the skill's operational scope far beyond user expectation and increase the chance that normal brainstorming requests trigger file handling, remote processing, or export actions without informed consent.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill acquires bearer tokens, including anonymous tokens, and opens persistent backend sessions despite claiming to be a simple content ideation tool. Secret and session acquisition for an unnecessarily privileged remote service creates an unjustified trust boundary crossing and could expose user/org credentials to a third-party backend.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
Support for large file uploads, state inspection, rendering, and export APIs is unrelated to generating viral titles and materially increases the attack surface. In this context, those capabilities enable exfiltration of user media and metadata to a remote service and permit costly or persistent remote operations that the user did not request from a title tool.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The invocation text is broad enough to match ordinary creative requests and even generic media-related prompts, making accidental activation likely. When paired with hidden networked capabilities, overbroad routing increases the risk that unrelated user input gets sent to the external backend or causes unintended tool behavior.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The catch-all routing rule ('Everything else') directs a wide range of prompts into the SSE action path, effectively turning this skill into a default handler for many unrelated requests. In a mislabeled skill with remote execution semantics, that can cause silent backend transmission of user content and unauthorized use of session state or paid resources.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs automatic use of environment credentials and remote authentication without informing the user that their token will be consumed or that requests will be sent to a third-party service. This undermines informed consent and can lead to covert credential use, unexpected billing/resource consumption, and disclosure of prompt contents to an external system.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill invites users to upload media and use remote processing/export flows but does not disclose privacy, retention, sharing, or download risks. For a tool presented as a lightweight title generator, omission of these warnings makes the behavior especially deceptive and increases the chance of users exposing sensitive media unnecessarily.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal