ClawHub

Hug Video Generator Free

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only cloud video generation skill; its main risk is that selected media and prompts are sent to NemoVideo for processing.

Install only if you are comfortable sending chosen photos, videos, audio, and prompts to mega-api-prod.nemovideo.ai. Avoid highly sensitive personal media, use a dedicated NEMO_TOKEN if possible, and ask the agent to confirm before uploading files, exporting, or spending credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The manifest presents the skill as a narrow photo-to-hug-video tool, but the body documents a much broader remote multimedia editing pipeline with upload, session management, state retrieval, credits, and export capabilities. This scope mismatch undermines informed consent and review, and can cause the agent to transmit or manipulate user media in ways not reasonably implied by the declared purpose.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill includes generic multimedia editing and session-state operations that exceed the stated single-purpose functionality. Unnecessary capabilities increase attack surface, make abuse harder to detect, and enable broader handling of user content than users or platform reviewers would expect from a 'hug video generator' skill.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation phrases are broad and generic, such as requests to generate images/videos or export files, which can match ordinary conversation unrelated to this specific skill. That increases the chance of accidental activation and unintended transmission of prompts or files to the remote backend.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The catch-all rule routes 'Everything else' to SSE processing, creating ambiguous activation boundaries and allowing many unrelated user prompts to be sent to the backend. In a skill that uploads media and creates remote sessions, such broad routing materially raises the risk of unintended data disclosure and confused-deputy behavior.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to establish a backend connection, acquire tokens, create sessions, and later upload user files, but it does not clearly warn the user that prompts and media will be transmitted to a third-party remote service. This prevents informed consent for potentially sensitive photos and metadata leaving the local environment.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The document notes that render jobs are tied to session tokens and may persist remotely, but does not clearly present this as a privacy warning to users. For a media-processing skill handling personal photos, undisclosed remote persistence and orphaned jobs can expose users to retention and account-linkage risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal