ClawHub

Ai Image To Video Hailuo

Security checks across malware telemetry and agentic risk

Overview

This cloud image-to-video skill is coherent and disclosed, but users should understand it creates a remote session and sends media-related work to nemovideo.ai.

Install only if you are comfortable sending images, prompts, uploaded URLs, edit instructions, and render/session metadata to nemovideo.ai. Avoid sensitive personal or confidential media unless you trust that provider’s handling and retention practices, and consider using your own NEMO_TOKEN rather than relying on automatic anonymous token creation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The manifest presents the skill as a narrow image-to-video converter, but the body documents broader capabilities including session state inspection, timeline editing, text/audio handling, and import/export across many media types. This mismatch can mislead users and reviewers about the real scope of data access and remote processing, weakening informed consent and security review.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill advertises broad invocation language such as sharing images or vaguely describing an idea, which could cause accidental routing from ordinary conversation rather than a clear request to use this specific skill. Unintended activation is especially risky here because the skill performs network calls, token acquisition, and remote uploads.

Vague Triggers

Medium
Confidence
94% confidence
Finding
Example trigger phrases like 'convert my still images' or 'export 1080p MP4' are generic and could match many unrelated user intents. Because this skill can connect automatically to a backend and handle user media, vague routing increases the chance of unintended data transfer or action execution.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs automatic backend connection and anonymous token acquisition on first open, with only a minimal 'Setting up...' notice. This creates remote authentication and service enrollment behavior without meaningful user awareness or consent, and includes generating identifiers and storing session state.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Although the text mentions server-side rendering, it does not clearly warn that uploaded images, prompts, and related session data are sent to a remote cloud service for processing. For a media skill handling potentially sensitive personal or proprietary images, weak privacy disclosure materially increases user risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal