ClawHub

Maker With Photos

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud photo-to-video skill that uploads user-selected media to NemoVideo and uses a service token, with no artifact evidence of hidden, destructive, or unrelated behavior.

Install only if you are comfortable sending selected photos, audio, prompts, and generated video project data to NemoVideo's cloud service. Protect the NEMO_TOKEN, avoid highly sensitive personal media unless you trust the provider, and confirm which local files or remote URLs are uploaded before rendering.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill is presented as a photo-to-video tool, but the documented upload interface also accepts arbitrary remote URLs and a broad set of media formats. This expands the trust boundary beyond local photo uploads and can cause users to unknowingly send external resources or unsupported content classes to a third-party backend, increasing privacy, abuse, and misuse risk.

Vague Triggers

Medium
Confidence
87% confidence
Finding
Routing nearly all unmatched requests to the generation action makes the skill overly permissive and increases the chance that unintended or ambiguous user input will be sent to the remote backend. In a skill that uploads files and issues cloud-render commands, broad dispatch can trigger external processing without sufficiently specific user intent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill encourages users to upload photos and prompts but does not clearly warn, up front, that this content is transmitted to a cloud backend for processing. That omission undermines informed consent and can expose personal images, metadata, and prompt content to third-party services unexpectedly.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The documentation notes that session tokens carry render job IDs and that closing the tab can orphan jobs, but it does not clearly warn users early that session state and render artifacts persist remotely. This can lead to misunderstandings about retention, cleanup, and whether generated content remains stored after the local interaction ends.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal