Free Video Music Generator

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill appears to be a real cloud video/music workflow, but it should be reviewed because it automatically creates remote NemoVideo sessions and can send media and prompts broadly to that service.

Install only if you are comfortable with selected videos, prompts, session identifiers, and generated outputs being sent to NemoVideo's cloud service. Use a dedicated NEMO_TOKEN if possible, avoid private or rights-sensitive media unless you trust the provider, and watch for unintended activation because broad edit/generate requests may route into the remote workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium (90% confidence)
The manifest and branding present a narrowly scoped background-music tool, but the documented behavior exposes a substantially broader cloud video editing and media generation workflow including session management, state inspection, uploads, and exports. This scope mismatch can mislead users and host platforms about what data and capabilities are actually being granted, increasing the risk of unexpected remote processing and overbroad invocation.

Context-Inappropriate Capability

Low (82% confidence)
The skill includes automatic anonymous token provisioning, session creation, and credit-related flows that go beyond a simple 'add background music' function. While not inherently malicious, embedding account/bootstrap logic without clear user-facing disclosure can create hidden external account usage and make it easier to consume third-party resources without informed consent.

Vague Triggers

Medium (88% confidence)
The activation examples are broad, generic editing phrases that could cause the skill to trigger for common user requests outside its narrow advertised purpose. Overbroad invocation increases the chance that users unintentionally send prompts or media to the remote backend when they did not mean to use this specific skill.

Vague Triggers

Medium (91% confidence)
The routing table contains an 'Everything else' catch-all that maps broad generate/edit/add-BGM requests into the SSE workflow without clear boundaries. This ambiguous fallback can capture unrelated requests and silently route them to a remote service, expanding the skill's practical scope beyond what users may expect.

Missing User Warnings

Medium (95% confidence)
The skill processes uploaded videos and prompts on a remote cloud backend, but the description does not prominently warn users that their media and instructions leave the local environment. For a media-handling skill, this omission is important because videos may contain sensitive personal or proprietary content, and users need clear notice before transmission.

VirusTotal

66/66 vendors flagged this skill as clean.