Sora Watermark Remover

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do the advertised Sora watermark-removal task, but users should know it sends their Sora link to NanoPhoto.AI and should only use it on content they are allowed to modify.

Install only if you are comfortable using NanoPhoto.AI as a third-party processor for Sora share links and storing a NanoPhoto API key in the skill environment. Do not use it on private, sensitive, or unauthorized media, and confirm watermark removal is lawful and allowed for your use case.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding:
The trigger text includes broad phrases like 'remove watermark', 'no watermark', and 'clean Sora export', which can cause the skill to activate in situations where the user did not clearly intend to use this specific third-party service. Over-broad invocation increases the chance of accidental routing of user content to a watermark-removal workflow with legal, policy, or privacy implications.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill does not clearly warn users up front that their Sora share link will be transmitted to NanoPhoto.AI, a third-party service. This creates a consent and privacy risk because users may provide links assuming processing is local or first-party, when in fact their content reference is sent externally.

Missing User Warnings

Medium
Confidence: 96%
Finding:
The documentation explicitly describes a watermark-removal capability for Sora videos but provides no warning about authorization, ownership, copyright, platform-policy, or misuse risks. In this skill context, that omission is materially relevant because the skill is designed to help users remove provenance/branding from generated media, which can facilitate deceptive redistribution or policy violations.

VirusTotal

66/66 vendors flagged this skill as clean.
