Tiktok Viral Slideshow

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it sends user-selected media to a named cloud service to create TikTok-style slideshow videos.

Install only if you are comfortable sending selected images, videos, URLs, prompts, and render metadata to the NemoVideo cloud backend. Avoid private, regulated, or sensitive media unless you trust that service's privacy and retention practices, and use explicit media-editing requests to avoid accidental activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 82%
Finding
The undocumented URL-based upload path allows the skill to fetch remote user-supplied resources, expanding its trust boundary beyond local file uploads. That can enable server-side request abuse, unexpected third-party data transfer, or ingestion of hostile content from arbitrary URLs, especially when the capability is not clearly disclosed to users or reviewers.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation guidance uses very generic language that could cause the skill to activate on ordinary conversation unrelated to explicit user intent. In an agent setting this can trigger unintended network calls, token creation, session creation, or media-processing actions without sufficiently clear consent.

Vague Triggers

Medium
Confidence: 86%
Finding
The example trigger phrases are underspecified and overlap with common chat requests, increasing the chance of accidental routing into this skill. Because the skill can authenticate, create sessions, and interact with external APIs, accidental triggering has meaningful privacy and operational impact.

VirusTotal

61/61 vendors flagged this skill as clean.
