ClawHub

Free Text Into Video

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned for cloud video/text generation, but it can automatically send prompts and uploaded files to NemoVideo and create a temporary token without clearly telling the user first.

Use this only if you are comfortable sending prompts and uploaded files to NemoVideo's cloud service. Avoid confidential documents, private videos, customer data, credentials, or proprietary material unless you have reviewed NemoVideo's terms and token handling. Before using it, prefer an explicit NEMO_TOKEN you control and ask the agent to confirm before creating sessions or uploading files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The routing table explicitly sends 'Everything else' to the SSE/chat action, creating a catch-all trigger that can activate the skill for unrelated or ambiguous user requests. In an agent environment, this increases the chance of unintended remote API calls and accidental transmission of user text or files to the third-party service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup instructions direct the agent to connect to remote endpoints and later encourage users to upload text documents, but the user-facing description does not clearly warn that prompts and uploaded content are sent to mega-api-prod.nemovideo.ai. This is a privacy and consent issue because sensitive documents or proprietary text could be transmitted off-platform without informed user awareness.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to use an existing NEMO_TOKEN or automatically generate a free token via an anonymous-token endpoint, yet it does not clearly warn users how credentials are obtained, stored, and reused. Silent token acquisition and session creation can obscure authentication state and create accountability, privacy, and misuse risks if tokens persist or are reused unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal