AI Video Creator

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated purpose of generating videos and optionally publishing them to Xiaohongshu, but it uses real cloud credentials and social-account access.

Install only if you are comfortable using Volcengine paid API quota and a logged-in Xiaohongshu publishing server. Review the generated title, caption, tags, and final video before approving publication, use limited or dedicated credentials where possible, keep the MCP server local and trusted, and avoid sharing terminal output that may reveal key prefixes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
)

    vf = ",".join(filters)
    result = subprocess.run(
        [
            "ffmpeg", "-y", "-i", input_path,
            "-vf", vf,
Confidence
88% confidence
Finding
    result = subprocess.run(
        [
            "ffmpeg", "-y", "-i", input_path,
            "-vf", vf,
            "-c:v", "libx264", "-preset", "fast", "-crf", "18",
            output_path,

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The README advertises direct 'one-click' publishing to Xiaohongshu but does not clearly warn users that the workflow can perform external account actions and publish content on their behalf. In an agent/skill context, this increases the risk of unintended posting, misuse of authenticated sessions, and reputational or account impact if users trigger the command without understanding the side effects.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The setup instructions tell users to export cloud API credentials and run an automated publishing server, but they do not warn about the sensitivity of these credentials or the implications of granting account access to automation. In a skill designed for end-to-end generation and posting, missing security guidance can lead to credential leakage, accidental account abuse, or unauthorized posting if the environment is shared or misconfigured.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill includes a workflow to publish generated content directly to Xiaohongshu after only a simple yes/no prompt, without an explicit warning that content, metadata, and account actions will be sent to an external platform. In context, this is more dangerous because the skill is specifically designed for automated social posting, so users may not fully appreciate the account-side effects, privacy implications, or reputational risk of accidental publication.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The guide tells users to place long-lived cloud credentials in shell startup files and to verify them by echoing part of the key, but it does not warn against credential exposure in shared terminals, shell history, screen recordings, or multi-user systems. In the context of an automation skill that generates and publishes content daily, these credentials are likely to remain persistently configured, increasing the chance of accidental leakage and subsequent abuse of the video-generation account or associated cloud resources.

VirusTotal

64/64 vendors flagged this skill as clean.
