Image To Video Grok

Security checks across malware telemetry and agentic risk

Overview

This is a cloud image-to-video skill with disclosed remote processing, but users should know their media and prompts are sent to NemoVideo.

Install only if you are comfortable sending selected media, prompts, session data, and credit/account status requests to NemoVideo's cloud service. Avoid confidential or regulated media unless you trust the provider's privacy and retention practices, and protect any NEMO_TOKEN used with the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill is presented as a simple image-to-video converter, but the documented behavior exposes a broader remote media-editing surface including arbitrary uploads, timeline/state inspection, credit queries, and export orchestration. This scope mismatch can mislead users and the host agent about what the skill can do, increasing the chance that unrelated files or account-linked actions are sent to a third-party service without informed consent.

Context-Inappropriate Capability

Low
Confidence: 83%
Finding
The skill includes a credits/balance check that is not necessary for basic image-to-video conversion and exposes account-related metadata from the remote service. While not directly destructive, it expands the accessible account surface and may reveal subscription or usage information without a strong functional need tied to the advertised purpose.

Vague Triggers

Medium
Confidence: 90%
Finding
The routing table uses a catch-all fallback of 'Everything else' to invoke the skill's SSE action, which is overly broad and can capture unrelated prompts. In an agent environment, this can cause accidental activation, unnecessary transmission of user inputs to a cloud backend, and unintended use of remote editing functionality outside the user's intent.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs the agent to upload files and create cloud sessions but does not clearly warn the user that their content, prompts, and related metadata will be transmitted to a third-party remote service. This lack of explicit disclosure is dangerous because users may provide sensitive or proprietary media under the assumption that processing is local or minimally scoped.

VirusTotal

66/66 vendors flagged this skill as clean.
