Text To Ai

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent cloud text-to-video helper, but users should know prompts and uploaded files are sent to NemoVideo for processing.

Install only if you are comfortable sending prompts, pasted text, and uploaded TXT/DOCX/PDF files to NemoVideo's cloud service. Use a dedicated NEMO_TOKEN when possible, avoid confidential documents unless you trust the provider, and ask the agent to confirm before uploading or generating if the content is sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 86%
Finding:
The routing rule sends "everything else" to the SSE/generation path, which is overly permissive for a skill that can create sessions, upload content, and trigger remote processing. In practice this can cause unrelated user prompts to be captured by the skill and forwarded to a third-party backend, leading to unintended data disclosure or accidental billable/side-effecting actions.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill instructs the agent to establish a backend connection and send user content to remote APIs, but it does not present a clear, upfront warning that uploaded files and pasted text leave the local environment. Because this skill handles potentially sensitive documents up to 500MB, the missing disclosure increases the risk of users unknowingly transmitting confidential data to an external service.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding:
The session creation body hard-codes `"language":"en"` without checking the user's preferred language or obtaining consent. While not a direct code-execution issue, it can mishandle non-English content, cause incorrect processing, and create privacy or trust concerns if user inputs are implicitly normalized or routed under the wrong locale.

VirusTotal

64/64 vendors flagged this skill as clean.
