Security audit

Agnes Video Generator

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends video prompts and optional image URLs to Agnes's API to generate videos, with no hidden persistence or destructive behavior found.

Install this only if you are comfortable sending video prompts, optional image URLs, and generation settings to Agnes's remote service, and avoid using private image links or sensitive prompt content unless you trust that provider's data handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill states it is invoked automatically whenever the user requests video generation, but it does not define meaningful constraints or confirmation boundaries. An overly broad trigger can cause the agent to route ordinary conversation or ambiguous media requests to this external service unexpectedly, resulting in unintended data disclosure, unnecessary API usage, and surprise side effects.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documents an external endpoint and accepts prompts and image URLs, but it does not warn users that their inputs will be transmitted to a third-party video-generation service. This creates a privacy and consent risk because users may provide sensitive text or private image links without realizing that external processing will occur.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script transmits user-supplied prompt text and an optional image reference to a third-party remote API, but the code provides no explicit user-facing notice, consent check, or data-handling warning. In a skill context, this can expose sensitive prompts, proprietary content, or internal URLs to an external service unexpectedly, especially if callers assume processing is local.

VirusTotal

63/63 vendors flagged this skill as clean.