Image To Video Model Ai

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill does what it claims, but users should understand that selected media and prompts are processed by a remote NemoVideo service.

Install only if you are comfortable sending chosen images, prompts, URLs, and editing instructions to mega-api-prod.nemovideo.ai. Avoid confidential media, keep NEMO_TOKEN private, and use the skill only for clear image-to-video tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (89% confidence)
Finding:
The suggested invocation phrases are very broad and generic, such as "convert my still images" and truncated natural-language prompts, which increases the chance the skill is triggered during ordinary conversation rather than through clear user intent. In a skill that uploads media and connects to a remote backend, accidental invocation can expose user content or initiate network actions without sufficiently explicit consent.

Vague Triggers

Medium (95% confidence)
Finding:
The action-matching logic includes an "Everything else" catch-all that routes nearly any unmatched input to the SSE backend. That creates a broad prompt-injection and unintended-exfiltration surface, because ordinary chat or unrelated user text may be forwarded to a third-party service together with session context.

Missing User Warnings

Medium (91% confidence)
Finding:
Although the text mentions server-side rendering, it does not provide a clear upfront privacy warning that uploaded images, prompts, and related session data are sent to a remote third-party backend. Users may reasonably assume local processing or fail to understand the scope of data sharing, which undermines informed consent for potentially sensitive media.

VirusTotal

66/66 vendors flagged this skill as clean.
