Sora 2 Generate

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward NanoPhoto.AI video-generation skill with expected API-key and network use, but users should avoid sending sensitive prompts or private image URLs.

Install only if you are comfortable using NanoPhoto.AI for this workflow. Treat prompts, public image URLs, task IDs, and generation metadata as shared with that service, keep the API key in the secure env setting, and avoid confidential, regulated, client-owned, or private media unless you have permission and accept third-party processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation indicates capabilities to read environment variables, read local files, and make network requests, but it does not declare equivalent permissions in a clear, enforceable way. This creates a transparency and review gap: operators may enable the skill without realizing it can access credentials and local config files and transmit data externally.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation description is broad enough to trigger on generic requests like 'text to video', 'image to video', or 'cinematic prompt generation,' which could cause the skill to activate in situations where the user did not specifically consent to using NanoPhoto.AI. In this context, over-broad routing is risky because the skill sends prompts and image URLs to a third-party API and may consume paid credits.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to provide prompts and public image URLs for generation, but it does not prominently warn that this content will be transmitted to NanoPhoto.AI. This is a real privacy and consent issue because users may share sensitive prompts or media-related data without understanding that it leaves the local environment and is processed by an external service.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The API reference instructs users to send prompts and public image URLs to a third-party service without clearly warning that user content will leave the local environment and be processed externally. In this skill context, users may provide sensitive prompts or image links, so the absence of an explicit privacy/data-sharing notice increases the risk of accidental disclosure to NanoPhoto and any publicly accessible image hosts.

External Transmission

Medium
Category
Data Exfiltration
Content
### Submit generation

```bash
curl -X POST "https://nanophoto.ai/api/sora-2/generate" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $NANOPHOTO_API_KEY" \
  --data-raw '{
```
Confidence
92% confidence
Finding
curl -X POST "https://nanophoto.ai/api/sora-2/generate" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $NANOPHOTO_API_KEY" \ --data-raw '{ "prompt": "A golden retriever ru

VirusTotal

VirusTotal findings are pending for this skill version.
