Text To Video Making Ai

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud text-to-video skill, but its broad routing could send prompts, files, or URLs to NemoVideo more easily than users may expect.

Install only if you are comfortable sending selected prompts, documents, URLs, generated project state, and render data to NemoVideo's cloud service. Avoid confidential, regulated, or internal-only material unless you have approved that provider, and confirm ambiguous requests before letting the skill upload or process content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium (97% confidence)
Finding:
The skill is presented as handling user-uploaded text/files for video generation, but it also documents ingestion of arbitrary remote URLs as upload sources. That expands the data-access and fetch surface beyond user expectations and can enable backend-side retrieval of attacker-controlled or internal resources if the service follows URLs server-side.

Vague Triggers

Medium (90% confidence)
Finding:
The invocation examples are so generic that ordinary conversation could trigger the skill unexpectedly, causing users to send prompts or files to the cloud service without deliberate intent. In a skill that can upload content and initiate external API actions, overbroad activation increases the risk of accidental data disclosure and unintended operations.

Vague Triggers

Medium (95% confidence)
Finding:
Routing all unmatched requests under 'Everything else' to the SSE backend makes the activation boundary effectively undefined. This can cause unrelated user text to be forwarded to the remote service, increasing accidental prompt capture, privacy exposure, and unintended action execution.

Missing User Warnings

Medium (96% confidence)
Finding:
The skill description emphasizes convenience but does not clearly warn that uploaded text/files and prompts are transmitted to a cloud backend for processing. Because users may upload potentially sensitive documents, the lack of prominent disclosure undermines informed consent and can lead to unintended exposure of private content.

VirusTotal

66/66 vendors flagged this skill as clean.
