ClawHub

Text To Video Ai Japanese

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises, but it can automatically connect to a third-party video service and send broad user prompts or uploads with limited user-facing disclosure.

Review before installing if you may use sensitive scripts, customer content, unreleased media, or business materials. Use a dedicated NEMO_TOKEN, avoid ambiguous prompts, and assume prompts, uploaded files or URLs, session metadata, and render jobs may be sent to and processed by NemoVideo's backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation phrasing is broad enough that ordinary conversation could trigger the skill and initiate backend connection logic unexpectedly. In this skill, unintended invocation matters because it can lead to automatic token acquisition, remote API calls, and potential transmission of user content to a third-party service without sufficiently explicit user intent.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The catch-all rule routes 'everything else' into the SSE generation/edit path, creating a high risk of accidental remote execution for ambiguous inputs. Because that path can send arbitrary user text to the backend and modify session state, weak activation constraints increase the chance of unintended data disclosure or unwanted actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to obtain and use authentication tokens and to connect to a remote service without clearly warning the user that credentials and prompt content may be transmitted off-platform. This is dangerous because users may unknowingly trigger token use or anonymous account creation, and their text/files could be sent to a third-party backend without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal