Make a Video

Security checks across malware telemetry and agentic risk

Overview

This appears to be a coherent Pexo video-generation skill, with normal external API use but some privacy and credential-handling details users should understand.

Install only if you are comfortable sending prompts and any selected image, video, or audio files to Pexo's hosted service. Treat ~/.pexo/config as a secret-bearing file, restrict its permissions, do not share diagnostics that may include account entitlement details, and rotate the Pexo API key if it is exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The script exposes account credit balance and plan entitlement data, which is outside the narrowly declared purpose of generating videos from a user prompt. Even if intended for troubleshooting, this adds unnecessary account/billing inspection capability that can reveal sensitive subscription and usage metadata and expands what the skill can do beyond user expectations.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
This code actively calls an entitlements endpoint and prints detailed account data to stdout, including credits and plan information, despite the skill being presented as a video-creation tool rather than an account-management tool. In this context, the mismatch is dangerous because it introduces unnecessary access to billing-related user data and could be abused for profiling, debugging around rate limits, or collecting subscription state without clear need.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly states that all creative work happens server-side, which implies user prompts and possibly sensitive business or personal content are sent to a hosted third-party service. Without any privacy, retention, or data-handling warning, users may unknowingly submit confidential information under incorrect assumptions about local processing.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly says to pass the user's request 'verbatim' to Pexo's hosted backend, but provides no warning that the content leaves the local agent boundary and is sent to a third party. This can expose sensitive prompts, business information, personal data, or regulated content without informed user consent.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs uploading local image/video/audio files to Pexo and even downloading/uploading remote resources first, yet gives no explicit warning that user files are being transferred to an external service. This raises significant privacy and data-governance risk, especially for confidential media or files containing personal information.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The setup guide instructs users to place a long-lived API key in a plaintext config file and then run diagnostics that validate the key over the network, but it does not warn about local secret exposure, file permissions, or credential transmission. In a skill that encourages quick setup, this can lead to inadvertent leakage through shared home directories, backups, shell history, or unsafe support/debugging practices.

Session Persistence

Medium
Category
Rogue Agent
Content
## Quick Start

### 1. Create config file

```bash
mkdir -p ~/.pexo
```
Confidence
90% confidence
Finding
Create config file

```bash
mkdir -p ~/.pexo
cat > ~/.pexo/config << 'EOF'
PEXO_BASE_URL="https://pexo.ai"
PEXO_API_KEY="sk-<your-api-key>"
EOF
```

Get your API key at: https://pexo.ai - If you do n

VirusTotal

65/65 vendors flagged this skill as clean.
