ClawHub

Free Text To Video I

Security checks across malware telemetry and agentic risk

Overview

This video-generation skill has a legitimate purpose, but it can automatically connect to a cloud service and broadly route user text or files there without a clear consent step.

Install only if you are comfortable sending prompts, uploaded documents, session metadata, and generated media data to nemovideo.ai. Avoid confidential or regulated files unless you trust that provider, and prefer confirming the intended video task before letting the skill upload or process content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation guidance uses very generic phrases like "Share your text prompts and I'll get started" and examples such as "export 1080p MP4," which overlap with ordinary conversation. This can cause unintended invocation or routing of user messages into this skill, increasing the chance that unrelated content is sent to the external backend or triggers actions the user did not clearly intend.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The routing table sends "Everything else" to the SSE generation path, making the trigger scope effectively unbounded. In practice, ambiguous or unrelated user input could be forwarded to the remote service, which is especially risky here because the skill automatically connects to a cloud backend and maintains session state.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to obtain a token, create a session, and process user-provided text/files via a third-party cloud service, but it does not clearly warn users that their prompts, uploaded documents, and session data will be transmitted off-device. This undermines informed consent and can expose sensitive business, personal, or proprietary content to an external processor without an adequate disclosure at the point of use.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill says to connect to the processing backend automatically when first opened, with only a brief status message, and no explicit consent flow. Automatic network connection and token acquisition on open can disclose metadata and initiate third-party processing behavior before the user has agreed, which is particularly concerning in a file-handling skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal