ClawHub

Ai Product Video

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud product-video skill, but users should know it sends prompts and uploaded media to NemoVideo's remote API.

Install only if you are comfortable sending product images, logos, prompts, and generated video state to mega-api-prod.nemovideo.ai. Avoid confidential or unreleased assets unless you trust that provider's data handling, and prefer a dedicated NEMO_TOKEN for this service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
75% confidence
Finding
Routing all unmatched requests to the generation SSE action is overly permissive and can cause the skill to transmit unrelated or sensitive user input to a third-party backend. In a chat environment, broad fallback matching increases the chance of accidental activation and unintended data disclosure, especially because this skill immediately connects to a remote service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs itself to establish a backend connection and possibly obtain an anonymous token before handling requests, without clearly warning the user that their prompts and uploaded media will be transmitted off-device. This undermines informed consent and can lead to unexpected disclosure of sensitive images, branding assets, or business materials to an external service.

Missing User Warnings

Low
Confidence
82% confidence
Finding
Using an environment credential automatically without a visible user warning can cause the skill to access a preconfigured account and send data under that account context without the user's awareness. This is less severe than credential exfiltration because the token is used for intended API calls, but it still creates transparency and consent issues.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal