Free Video Image Generation

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only cloud video generation skill whose network, upload, session, and export behavior fits its stated purpose, though users should understand that media and prompts go to an external service.

Install only if you are comfortable sending prompts and uploaded media to nemovideo.ai for cloud processing. Use a dedicated or disposable NEMO_TOKEN when possible, avoid sensitive private media unless you trust the provider's retention and access practices, and do not allow the agent to read ~/.config/nemovideo/ unless you intend to provide local service configuration.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The manifest and top-level description present the skill as a simple text/image-to-video generator, but the documented actions expose broader editing capabilities such as overlays, audio, timeline inspection, and iterative edits. This mismatch can cause users and policy engines to under-scope the skill's actual behavior, increasing the chance that sensitive media is processed or modified in ways the user did not expect.

Description-Behavior Mismatch

Low
Confidence: 84%
Finding
The public description says the skill works with text prompts, images, and MP4, while the implementation documentation allows many additional media types including audio and other containers. This is a scope-transparency issue: users may upload content without realizing the true range of accepted inputs and associated handling paths.

Intent-Code Divergence

Low
Confidence: 80%
Finding
The getting-started text says the tool handles only text prompts, but later sections describe file upload and broader media-editing workflows. This inconsistency can mislead users about what data will be sent and what operations will occur, weakening informed consent and safe-use expectations.

Vague Triggers

Medium
Confidence: 89%
Finding
Routing 'Everything else' to the SSE generation/edit action is overly broad and can cause unrelated or ambiguous user input to be sent directly to the remote backend. That increases the risk of unintended data disclosure, unexpected actions, and prompt injection-style abuse through misclassification.

Missing User Warnings

High
Confidence: 96%
Finding
The skill omits a clear user-facing disclosure that prompts, files, and session state are transmitted to a third-party cloud backend. Because this skill handles uploaded media and persistent session data, the lack of disclosure materially increases privacy and data-handling risk for users who may assume local processing.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding
The session creation instructions hardcode the language to English without user choice, which can mishandle non-English content and cause inaccurate processing or disclosure of transformed content the user did not intend. In multilingual contexts, forced language selection also undermines transparency and user control.

VirusTotal

66/66 vendors flagged this skill as clean.
