ClawHub

Image To Video Download

Security checks across malware telemetry and agentic risk

Overview

This skill sends user-selected media to NemoVideo for cloud video creation and export, and its remote processing behavior is mostly disclosed and aligned with that purpose.

Install only if you are comfortable sending selected images, prompts, and generated project state to NemoVideo’s cloud service. Avoid private, client-confidential, or regulated media unless you have reviewed the provider’s privacy, retention, and link-sharing terms; prefer a dedicated NEMO_TOKEN if you use one.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill is presented as a narrow image-to-MP4 converter, but the documented capabilities clearly extend to broader media editing and multiple output/input formats. This mismatch weakens informed consent and reviewability because users and platform operators may approve a much narrower capability set than the skill actually exercises against a remote backend.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The public description suggests a simple file conversion flow, but the body documents a persistent remote session model with state inspection, timeline manipulation, SSE-driven edits, and export orchestration. That is a substantive scope expansion, making the skill more dangerous because it can perform richer remote actions than a user would reasonably expect from the title and summary.

Context-Inappropriate Capability

Low
Confidence
88% confidence
Finding
The instructions direct the skill to inspect local install paths to infer platform identity and transmit attribution headers unrelated to the core media-conversion task. Collecting and sending environment-derived platform metadata increases unnecessary information disclosure and creates a channel for fingerprinting users or hosts.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation examples and routing rules are broad enough that ordinary photo/video requests may activate the skill without users clearly intending to start a remote upload-and-render workflow. In this context, overbroad triggering is risky because activation can lead to automatic authentication, session creation, and remote processing of user media.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to automatically connect to a remote backend and obtain anonymous tokens without a clear user-facing notice or consent step. This is dangerous because it initiates outbound network access and account/session creation behind the scenes, potentially exposing user data and causing unintended interactions with third-party infrastructure.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill emphasizes convenience but omits a clear privacy and data-handling disclosure even though user images are uploaded for server-side GPU processing and rendering. In the context of personal photos, that omission is significant because users may unknowingly send sensitive or private media to a third party without understanding retention, access, or download exposure.

Missing User Warnings

Low
Confidence
81% confidence
Finding
The export flow returns a remote download URL, but the documentation does not clearly warn users that the generated video will be retrievable from an external location. While lower severity than silent upload, this still matters because remote URLs can be shared, logged, or accessed outside the immediate chat context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal