Free Video Generation Github

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud video-generation skill, but it automatically connects to a third-party service and may send broad user prompts or media without a clear confirmation step.

Review before installing. Use this only if you are comfortable sending prompts, uploaded media, URLs, and project state to NemoVideo for remote processing. Prefer adding explicit confirmation before connection, upload, edit, export, or credit-consuming actions, and avoid sensitive media unless the provider's privacy and retention terms are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The manifest presents the skill as simple text-to-video generation, but the body exposes broader capabilities including file upload, session inspection, credit balance checks, and export/download operations against a third-party backend. This mismatch can mislead users and host platforms about the actual data access and actions performed, increasing the risk of overbroad invocation and unintended disclosure of user media or account-related state.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill instructs the agent to automatically use an environment token if present, or otherwise obtain an anonymous token and create a backend session before handling any user request. This expands the skill from prompt processing into credential use and account/session manipulation without explicit per-request consent, which can cause unauthorized use of environment-provided secrets and silent transmission of user data to a remote service.

Vague Triggers

Medium
Confidence: 88%
Finding
The routing rule sends 'Everything else' into the SSE workflow, creating an extremely broad catch-all activation condition. In context, that means ambiguous user input could be forwarded to a remote backend and processed under an authenticated session even when the user did not clearly request video generation or cloud processing.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill directs the agent to connect to a third-party backend, authenticate, create sessions, and upload prompts or media, but does not provide a clear user-facing warning that their content will be sent off-platform. This omission is dangerous because users may unknowingly disclose sensitive prompts, media, or metadata to an external service under terms they have not reviewed.

VirusTotal

66/66 vendors flagged this skill as clean.
