ClawHub

Text To Video Create

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises, but it automatically connects to a third-party video service and may create a token before the user has clearly opted in.

Install only if you are comfortable with the agent contacting nemovideo.ai, creating or using a NemoVideo token/session, and sending selected prompts or uploaded documents for cloud processing. Avoid confidential, regulated, or secret-containing files unless you trust that provider’s handling, and prefer explicitly providing a dedicated NEMO_TOKEN rather than relying on automatic anonymous token creation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to obtain an anonymous token automatically when no user-provided credential is present. This expands the skill from simple media generation into account/token acquisition and enables network actions under newly created service credentials without explicit user consent, which is a real security and privacy concern.

Vague Triggers

Medium
Confidence
77% confidence
Finding
The invocation language is broad enough that ordinary creative requests could trigger this skill even when the user did not intend to use an external video-generation backend. That increases the chance of accidental activation, unexpected uploads, and unintended token/session creation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill says to establish a backend connection before handling any request and to keep technical details out of the chat, while also allowing automatic token acquisition. This creates hidden network and credential actions without meaningful notice to the user, which is dangerous when prompts or uploaded files may contain sensitive content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal