React Component Generator Online

Security checks across malware telemetry and agentic risk

Overview

This skill claims to generate React components, but its instructions mainly drive a third-party cloud video upload, editing, and MP4 rendering service.

Review carefully before installing. Only use it if you intend to send prompts and uploaded media to the NemoVideo cloud service for video rendering, not if you expect local React component code generation. Avoid uploading sensitive files, and confirm the publisher's privacy and retention terms before using the anonymous token or NEMO_TOKEN workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

Severity: High
Confidence: 99%
Finding:
The skill is presented as a React component generator, but the instructions actually implement a remote video upload, editing, and rendering workflow. This deceptive mismatch can trick users and host agents into granting network access, file upload, and token use under false pretenses, which is a strong indicator of capability smuggling.

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding:
The quick-start text claims users are providing component-description text, while the operational flow actually acquires tokens, creates backend sessions, and performs media-processing actions. This inconsistency is dangerous because it obscures data flows and may cause users or orchestration systems to unknowingly send files and prompts to an unrelated third-party service.

Intent-Code Divergence

Severity: High
Confidence: 98%
Finding:
The section heading and prose promise React component generation, but the implementation details describe server-side video rendering, upload, and timeline editing. Such misrepresentation increases the chance of unauthorized data disclosure and inappropriate permission use because users believe they are invoking a harmless code scaffold tool rather than a media-processing cloud service.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding:
The skill includes file upload, session-state inspection, and remote render/export capabilities that are not justified by a React component generator use case. These extra capabilities expand the attack surface and could be abused to exfiltrate user files, consume credits, or interact with external infrastructure beyond what the user reasonably expects.

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding:
Routing based on aspect ratio, overlays, audio tracks, uploads, and exports is inconsistent with the advertised React-component purpose and indicates hidden or misdeclared functionality. This is dangerous because broad routing can silently redirect ordinary user requests into remote media-processing actions that the user did not knowingly invoke.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The invocation guidance includes broad language such as general sharing of thoughts, which can cause accidental activation during ordinary conversation. In a skill that also performs token acquisition and remote processing, overly broad triggers increase the risk of unintended network actions and user data transmission.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding:
A catch-all rule that routes 'everything else' to SSE gives the skill an overly permissive execution path. This can cause unrelated user input to be forwarded to the remote backend, increasing the risk of unintended disclosure, prompt injection propagation, or undesired external actions.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The skill describes sending user content to a cloud backend and using token-based processing, but it does not provide a clear privacy notice, retention policy, or data-handling warning. This is risky because users may unknowingly upload sensitive files or prompts to a third party without informed consent.

VirusTotal

63/63 vendors flagged this skill as clean.
