ClawHub

HeyGen Video Agent

Security checks across malware telemetry and agentic risk

Overview

This is a coherent HeyGen video-generation plugin, with normal API-key, billing, webhook, and third-party data-sharing caveats.

Install only if you want OpenClaw agents to generate HeyGen avatar videos. Review fetched install instructions before letting an agent run them, use a dedicated HeyGen API key where possible, expect video generation and smoke tests to spend credits, and avoid sending sensitive scripts, images, or webhook URLs unless approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The provider passes through an arbitrary user-supplied callback_url to HeyGen without restricting destination, scheme, or trust boundary. In a plugin that is supposed to perform one-shot video generation, this creates an unnecessary outbound data-flow/control-flow primitive that can be abused to send completion events and identifiers to attacker-controlled infrastructure, and may become more serious if upstream services include sensitive metadata in callbacks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README tells users to paste a prompt that causes an agent to fetch and follow remotely hosted installation instructions, ask for API keys, and perform actions based on mutable external content. This creates a supply-chain and prompt-injection risk because the referenced INSTALL_FOR_AGENTS.md can change over time, and users are encouraged to delegate trust and secret handling to an agent without reviewing the exact instructions first.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal