ClawHub

Image To Video Low Vram

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only connector for a remote image-to-video service, and its network use is broadly aligned with creating and exporting videos from user-provided media.

Install only if you are comfortable sending uploaded images, prompts, optional URL imports, and project/session metadata to NemoVideo's remote service. Avoid confidential media unless you trust that provider's handling and retention practices, and note that the skill can do more than a single image-to-video conversion, including timeline edits, audio/text layers, state checks, and exports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
81% confidence
Finding
The manifest markets a narrow image-to-video workflow, but the instructions expose a much broader remote editing and export surface including timeline manipulation, text/audio layering, generalized SSE-driven editing, and multi-format import/export. This scope expansion increases the chance of unintended data handling, abuse of backend capabilities, and user consent mismatch because callers may invoke functionality not reasonably implied by the declared purpose.

Context-Inappropriate Capability

Medium
Confidence
85% confidence
Finding
The skill is instructed to mint anonymous tokens automatically and manage credits/plan states, which extends beyond simple media conversion into account-like resource acquisition and billing workflow handling. That creates abuse potential, obscures user awareness of third-party authentication activity, and may enable unauthorized consumption of remote service quotas or free-tier resources.

Vague Triggers

Medium
Confidence
79% confidence
Finding
Routing all unmatched requests into a general generate/edit action creates an overly permissive control path where ambiguous prompts can trigger remote operations unexpectedly. In a skill backed by SSE editing and stateful cloud actions, this broad fallback can cause unintended uploads, edits, or backend processing that exceed the user’s intended request.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill directs automatic connection to a remote backend and session setup using environment credentials or anonymously minted tokens without a prominent privacy or data-transfer warning. Because users upload images and interact with a third-party service, failing to disclose automatic transmission and authentication increases privacy risk and undermines informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal