Meta Video Ad Deconstructor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Gemini-based video ad analysis skill; the main caution is that ad-derived text and scene data are sent to Google’s AI service.

Install only if you are comfortable sending ad transcripts, text overlays, scene descriptions, and summaries to Gemini/Vertex AI. Use a dedicated least-privileged Google service account, keep the credential file out of repositories, consider pinning dependencies in your environment, and avoid confidential or regulated creative material unless your organization’s Google data-handling terms allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium, 83% confidence
Finding
The suggested invocation phrase is very broad and can cause the skill to trigger on vague requests like 'deconstruct this competitor's ad' without clear scope, source, or user confirmation. In an agent environment, overly broad triggers increase the chance of unintended activation on sensitive media or data, especially since the skill can process transcripts, overlays, scenes, and files and send content to Gemini/Vertex AI.

Missing User Warnings

Medium, 94% confidence
Finding
The skill instructs users to configure Google service-account credentials and use Gemini/Vertex AI, but it does not warn that ad content, transcripts, overlays, or metadata may be transmitted to an external cloud service. This omission can lead users to expose sensitive videos, proprietary competitor materials, or credentials without understanding the trust boundary or the need to protect the service-account key file.

Missing User Warnings

Medium, 90% confidence
Finding
The code sends transcript, scene, and text-overlay content directly to an external Gemini model via generate_content without any consent check, warning, redaction, or policy gating in this file. Even though the content is ad-analysis data, it may still contain sensitive or proprietary material, so silent third-party transmission creates a real privacy and data-handling risk.

Missing User Warnings

Medium, 93% confidence
Finding
For each dimension, the deconstructor builds a prompt containing transcript, summary, text timeline, scenes, and other derived content, then sends it to Gemini. This multiplies external disclosure across repeated requests and increases exposure of potentially sensitive or proprietary ad content, especially because there is no visible warning, consent flow, or minimization in this code path.

VirusTotal

65/65 vendors flagged this skill as clean.