ClawHub

Ai Video Generator Free Horror

Security checks across malware telemetry and agentic risk

Overview

This is a real cloud horror-video generation skill, but it connects to a third-party backend and can forward prompts or uploads more broadly than its top-level description makes clear.

Review before installing. Use it only if you are comfortable sending horror-video prompts, media files, URLs, and related metadata to NemoVideo's cloud service. Prefer a dedicated NEMO_TOKEN, ask the agent to confirm before uploading or forwarding content, and avoid private or rights-sensitive media unless you trust the provider's handling and retention practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill advertises a narrow set of supported file types, but the body documents a much broader set of media formats plus URL-based ingestion. That mismatch can mislead users and host platforms about what data may be sent to the backend, increasing the chance of unexpected uploads, remote fetches, and review bypass for unsupported content paths.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The top-level description says the skill works with only MP4, MOV, JPG, and PNG, but later text lists many more formats including audio and web formats. This discrepancy weakens informed consent and can cause the skill to process data types the user or platform did not expect, especially when combined with backend upload behavior.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The prompt examples and startup text are broad enough that normal conversation about prompts or images could activate the skill without clear user intent. In a skill that automatically connects to a backend and may upload content, overbroad activation increases the risk of unintended data transmission and action execution.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The catch-all rule routes 'Everything else' to the SSE backend action, which effectively grants the skill authority over nearly any unmatched user request. Because SSE sends free-form text to a remote service, this can exfiltrate unrelated user content and trigger unintended backend operations beyond the user's understood scope.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to automatically connect, obtain or mint a token, create a session, and then process user prompts/files, but it does not clearly warn the user that their content and identifiers will be transmitted to a third-party backend. This undermines informed consent and creates privacy and data-handling risk, especially for uploaded files and free-form prompts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal