Image To Video On Canva

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-generation skill, but users should know it sends prompts and selected media to NemoVideo and creates or uses a service token/session.

Install only if you are comfortable sending selected images, media URLs, edit prompts, render state, and a NemoVideo token/session identifier to the NemoVideo service. Ask the agent to confirm before uploads or generation when a request is ambiguous, and avoid private or regulated media unless you have reviewed the provider’s terms and retention practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 92%
Finding
The invocation examples are broad marketing-style phrases around common photo/video editing tasks, which increases the chance the skill activates on ordinary user requests without a clear, narrow trigger. That can unexpectedly route user images and prompts into this remote service, creating consent and data-flow risks even if the author likely intended convenience rather than abuse.

Vague Triggers

Medium
Confidence: 96%
Finding
The routing table includes an 'Everything else' catch-all that sends most non-export/upload requests into the SSE/chat action. This is overly permissive and can cause unintended activation from general creative-editing language, making accidental remote processing of user content more likely.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to generate anonymous tokens and immediately call external APIs, but does not present a prominent user-facing warning about credential creation, account/session linkage, or that content will be transmitted to a third-party service. This creates a transparency and consent problem, particularly because the flow starts automatically on first interaction.

Missing User Warnings

Medium
Confidence: 90%
Finding
Although the text mentions server-side rendering, it does not clearly foreground a privacy warning that uploaded images and edit instructions are processed on remote GPU infrastructure operated by an external service. Users may reasonably interpret this as a convenience feature without appreciating the data-handling implications.

VirusTotal

65/65 vendors flagged this skill as clean.