Sora Video Generator Free

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud media-generation workflow, but users should know it sends prompts and uploaded files to a third-party backend.

Install only if you are comfortable sending prompts and uploaded media/documents to the NemoVideo cloud service. Do not use it with confidential files unless you trust that service and understand its token, credit, and session behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium (87% confidence)
Finding
The manifest advertises a narrow text-to-video generation skill, but the body grants much broader project editing, upload, state inspection, credits, and export behaviors. This mismatch increases the chance that an agent or user invokes capabilities they did not reasonably expect, which can lead to overbroad data handling and unintended remote operations against the third-party service.

Description-Behavior Mismatch

Low (79% confidence)
Finding
The skill claims 1080p AI video generation but also documents export to many unrelated media/container types, including audio and image formats. This broadens functionality beyond user expectations and can turn the skill into a generic media conversion/export surface, which may bypass policy or routing assumptions built around a narrower video-generation skill.

Vague Triggers

Medium (91% confidence)
Finding
Routing 'everything else' to the main SSE action creates an overly broad trigger that can capture unrelated user requests. In practice, this can cause unintended transmission of arbitrary prompts to the remote backend, increasing the risk of data leakage, surprise actions, and skill hijacking of conversations outside its intended domain.

VirusTotal

66/66 vendors flagged this skill as clean.