ClawHub

Free Motion Video Skill

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill coherently uses a NemoVideo cloud API to process user-provided media, but users should notice the cloud upload and broader editing features before installing.

Install only if you are comfortable sending selected media or media URLs to the NemoVideo cloud service. Avoid sensitive personal, client, or unreleased commercial footage unless you trust that provider's privacy and retention practices. The skill is not locally executable malware, but its trust boundary is the remote API and the NEMO_TOKEN/session it uses.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill advertises a narrow capability of adding motion to video clips, but the body exposes a much broader remote editing surface including uploads by URL, generic SSE-driven edits, export, credits/state inspection, text overlays, and audio handling. This scope drift is dangerous because users and hosting platforms may grant trust, permissions, or routing based on the manifest while the actual implementation performs materially broader cloud actions on user media and session state.

Description-Behavior Mismatch

Low
Confidence
89% confidence
Finding
The manifest claims support for a limited set of video formats, while the implementation documents acceptance of additional containers plus images and audio. This mismatch can mislead users and reviewers about what data may be uploaded to the third-party service, increasing the chance of unintended transfer of non-video content.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The routing rules use broad phrases like generic generate, edit, export, upload, status, and download requests, which can cause the skill to activate for ordinary video-editing intents beyond its stated purpose. In this skill, unintended activation is more concerning because first interaction triggers automatic setup, token acquisition, session creation, and cloud processing against a third-party API.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The user-facing description encourages dropping video clips into chat, but does not clearly warn that media will be uploaded to and processed by a remote cloud service. This is a real privacy and consent issue because videos can contain sensitive personal or commercial content, and the skill also supports URL ingestion and session-based cloud state retention.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal