ClawHub

Japanese Photo Video

Security checks across malware telemetry and agentic risk

Overview

This looks like a real cloud media-generation skill, but it should be reviewed because it can automatically create backend sessions and broadly send photos or prompts to a remote service.

Install only if you are comfortable sending uploaded photos, prompts, and related session data to the remote media service. Avoid confidential or private images unless you trust the provider's privacy and retention practices, and ask the agent to confirm before connecting, uploading, or starting generation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example triggers are extremely short and generic, such as 'export 1080p MP4' and 'turn my Japanese photos into', making accidental invocation plausible in normal conversation. In this skill, accidental activation can initiate backend authentication, session creation, or remote processing of uploaded media, which creates unwanted data transmission and service-side actions.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The fallback rule routes 'Everything else' to SSE generation/editing, which is overly permissive and can treat arbitrary user text as backend commands. Because the backend performs remote actions and maintains editable session state, vague routing raises the risk of unintended prompt forwarding, edits, and remote processing without sufficiently specific user consent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends uploaded photos, prompts, and session data to a third-party remote backend, but the early onboarding text does not clearly warn users before transmission occurs. This is dangerous because users may disclose sensitive travel photos or personal prompts without informed consent, especially since the skill also auto-connects on first open.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal