Image To Video Meta Ai

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real cloud image-to-video tool, but it connects automatically and exposes broader media-editing/upload behavior than the narrow description suggests.

Review before installing. Use only media you are comfortable uploading to nemovideo.ai, and prefer explicit confirmation before connection, upload, generation, editing, or export. Avoid sensitive images, videos, or audio until the publisher narrows the routing and clearly documents supported media scope, privacy, retention, and account/session behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium (85% confidence)
Finding
The skill is presented as a simple single-image-to-video tool, but the documented endpoints and accepted file types expose a much broader multimedia editing surface including video, audio, timeline state, and rendering operations. This mismatch can mislead users and reviewers about what data may be uploaded and processed, increasing the risk of unintended data transfer and capability abuse.

Context-Inappropriate Capability

Medium (90% confidence)
Finding
Documentation for audio tracks, video-file uploads, and broader editing functions goes beyond the stated image-to-video purpose, creating hidden or under-disclosed functionality. In a security context, undocumented extra capabilities are dangerous because they expand the attack surface and can cause users to send more sensitive media than they intended.

Vague Triggers

Medium (87% confidence)
Finding
Routing essentially all unmatched requests to the SSE generation action creates an overly permissive command path. This increases the chance that unexpected, ambiguous, or irrelevant user input is forwarded to the remote backend, potentially triggering unintended operations or unnecessary transmission of user data.

Missing User Warnings

Medium (95% confidence)
Finding
The skill instructs automatic backend connection, anonymous token creation, and session establishment without clearly informing the user that network requests, remote account/session creation, and media processing will occur. This is a meaningful consent and privacy issue because user content and metadata may be transmitted to a third party before the user understands what happens.

VirusTotal

64/64 vendors flagged this skill as clean.
