Text To Video Mod

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only text-to-video skill that coherently uses NemoVideo cloud APIs, but users should expect prompts, uploads, and render state to leave their device.

Install only if you are comfortable sending text prompts, scripts, selected files, media URLs, and render state to NemoVideo for cloud processing. Use a dedicated NEMO_TOKEN when possible, avoid confidential or rights-restricted material, and ask the agent to confirm before uploads or exports that may consume credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 88%
Finding:
The example trigger phrases are broad and natural-language-heavy, which increases the chance the skill activates on generic requests about converting text or scripts into media. In an agent environment, over-broad invocation can cause unintended routing of user content to this skill and then to its remote backend, creating privacy and action-confusion risks.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The routing table contains a catch-all rule ('Everything else') for SSE processing, which is an overly permissive activation mechanism. This can route unrelated or ambiguous user input into a live backend workflow, causing accidental data disclosure, unwanted API use, or unintended billable operations.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The skill describes cloud processing and uploads but does not present a clear user-facing warning that prompts, scripts, and uploaded files are sent to a third-party remote service. Users may disclose sensitive business, personal, or copyrighted material without informed consent, especially because the skill encourages direct upload and prompt submission.

Missing User Warnings

Severity: Low
Confidence: 83%
Finding:
The file explains that session tokens carry render job IDs and that jobs may persist if the tab closes, but it does not clearly warn users that session state and project data may remain stored remotely. This creates a transparency and privacy issue because users may assume transient local processing when backend project state can persist beyond the immediate interaction.

VirusTotal

66/66 vendors flagged this skill as clean.
