Text Online Generator

Security checks across malware telemetry and agentic risk

Overview

This is a plausible cloud text-to-video skill, but it needs review because it can send prompts and uploaded files to a third-party service under broad activation rules.

Install only if you are comfortable with prompts, uploaded documents or media, and video session metadata being sent to nemovideo.ai for processing. Use non-sensitive content unless you have reviewed the provider and token handling, and require explicit confirmation before uploads or ambiguous requests are routed to the backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill is presented as a text-to-video generator, but the documented API behavior supports broader media upload and editing workflows, including non-text assets. This expands the effective capability surface beyond what users would reasonably expect, increasing the risk of unintended data sharing and abuse of the agent for unrelated media-processing tasks.

Vague Triggers

Medium
Confidence: 86%
Finding
The invocation examples use broad phrases like 'generate my text prompts' and 'turn this text into a 30-second' that can overlap with normal conversation. In an agent environment, ambiguous triggers can cause the skill to activate unexpectedly and send user content to the remote backend without sufficiently clear intent.

Vague Triggers

Medium
Confidence: 91%
Finding
The catch-all rule routes 'Everything else' into the main SSE workflow, making the activation boundary extremely broad and unpredictable. This increases the chance that unrelated user text, edits, or sensitive content are forwarded to the third-party service when the user did not clearly request video generation.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to establish a backend connection, create sessions, and send prompts/files to a third-party API, but it does not clearly warn users that their uploaded content and text will leave the local environment. This is a material privacy and data-handling issue, especially because users may provide documents, prompts, or media that contain sensitive information.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill requests access to the sensitive environment token NEMO_TOKEN without clearly warning the user in the markdown description. Access to environment secrets increases the trust boundary of the skill, and users should be informed that the skill can use existing credentials to authenticate to an external service on their behalf.

VirusTotal

65/65 vendors flagged this skill as clean.
