ClawHub

Ai Video Generator Free Leonardo

Security checks across malware telemetry and agentic risk

Overview

This video-generation skill is mostly purpose-aligned, but it needs Review because it can automatically create remote sessions/tokens and broadly send prompts or uploaded media to a third-party backend.

Install only if you are comfortable with selected prompts, images, videos, audio, URLs, and related metadata being sent to NemoVideo's cloud service. Use a dedicated NEMO_TOKEN if possible, avoid confidential media, and invoke the skill explicitly for video-generation or editing tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Low
Confidence
87% confidence
Finding
The skill instructs the agent to automatically obtain an anonymous token and create authenticated backend sessions, which expands behavior beyond a simple local prompt-to-video tool into credential and session management against a third-party service. This is dangerous because it enables silent outbound authentication flows and account/resource consumption without explicit user awareness or consent, increasing privacy, abuse, and unexpected billing/rate-limit risk.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger phrase guidance is broad enough to match ordinary conversation, which can cause the skill to activate unexpectedly and send user prompts or files to the remote backend without clear intent. In a skill that uploads content and manages remote sessions, overbroad invocation increases the chance of accidental data disclosure and unwanted third-party processing.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The catch-all fallback routing rule sends nearly any unmatched request into the SSE generation/editing path, creating an overly permissive activation surface. Because that path can transmit arbitrary text and possibly associated media to a cloud backend, ambiguous fallback behavior raises the risk of unintended remote actions and disclosure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description encourages users to share prompts and files but does not clearly warn that this content is transmitted to a remote cloud service for processing. This is a meaningful privacy and transparency failure: users may disclose sensitive images, videos, or text under the mistaken belief that processing is local or limited.

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill can automatically acquire an anonymous token from a third-party service without clearly telling the user, which hides an authentication and account-provisioning step behind normal usage. This is dangerous because it obscures the creation/use of a service identity, can consume free credits or quotas, and reduces informed consent around third-party interaction.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal