Ai Video Generator Free Offline

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-generation skill marketed as offline/no-cloud, so users may send media to a third-party service without realizing it.

Treat this as a cloud NemoVideo integration, not an offline video editor. Install only if you are comfortable sending selected images, videos, audio, prompts, and metadata to the remote service, and protect NEMO_TOKEN like a credential. The publisher should remove the offline/no-cloud claims and require explicit consent before API connection, upload, or rendering.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The skill advertises offline use and 'without cloud uploads,' but the instructions explicitly require obtaining a remote token, creating a remote session, uploading media, and using a cloud rendering pipeline. This is a deceptive data-handling claim that can cause users to disclose sensitive files under false privacy expectations, increasing the risk of unintended third-party processing and retention.

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The document repeatedly frames the skill as 'Free Offline' and even references faster 'local rendering,' while nearby sections describe cloud GPU rendering and remote uploads. These contradictory statements can mislead users and operators about where processing occurs, undermining informed consent and safe handling of potentially sensitive media.

Vague Triggers

Medium
Confidence: 88%
Finding
Routing 'Everything else' to the SSE action is an overly broad catch-all that can cause unrelated user requests to be sent to the remote backend. In a skill that handles arbitrary text plus media uploads, this increases the chance of accidental data exfiltration, unintended task execution, and confusing cross-intent behavior.

Vague Triggers

Medium
Confidence: 84%
Finding
The keyword-based routing is ambiguous and relies on loose matching for common terms like 'status,' 'upload,' 'download,' and generic editing language. This can misclassify user intent and trigger network actions against remote APIs when the user did not clearly intend to invoke this skill.

Missing User Warnings

Medium
Confidence: 97%
Finding
The setup flow instructs the agent to connect to a processing API before doing anything else, but it does not present an upfront privacy warning that user media and prompts may be sent to a third-party cloud service. In a media-processing skill, this omission materially increases the risk of users exposing personal or proprietary files without informed consent.

VirusTotal

63/63 vendors flagged this skill as clean.
