Ai Image To Video Leaderboard

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud image-to-video workflow. Its routing is broad and users should treat it carefully, but no hidden code or malicious behavior was found.

Install only if you are comfortable sending chosen images, prompts, and project state to NemoVideo for cloud processing. Use a revocable NEMO_TOKEN where possible, avoid confidential media, and confirm before uploads, exports, or ambiguous requests that may consume credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 87%
Finding
The getting-started prompt invites activation on very generic language like sharing images or vague creative intent. In agent ecosystems, broad trigger language can cause the skill to activate outside its intended context, leading to unintended file handling, remote uploads, or cloud session creation when the user did not explicitly request this skill.

Vague Triggers

Medium
Confidence: 90%
Finding
The example phrases are short and ambiguous, such as 'export 1080p MP4' or 'convert my still images,' and do not clearly bind the request to this specific skill. This increases the chance of accidental invocation and can route unrelated user requests into a workflow that uploads media to a third-party backend or consumes credits.

Vague Triggers

High
Confidence: 97%
Finding
The catch-all routing rule sends 'Everything else' to the SSE backend, which effectively forwards arbitrary user requests to a remote service. In context, this is dangerous because the skill already supports file upload, session persistence, and cloud actions; a catch-all trigger can unintentionally process unrelated prompts, expose user content to a third party, and spend credits without clear consent.

VirusTotal

65/65 vendors flagged this skill as clean.
