AI Video Gen

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it mishandles API configuration and includes under-scoped third-party upload instructions that users should review before installing.

Install only if you are comfortable sending prompts, images, and generated videos to third-party services. Patch the VIDEO_GEN_BASE_URL bug before use, keep Volcengine and Feishu credentials in secure environment/secret storage, and require explicit user confirmation before any Feishu upload or message send.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Severity: Medium | Confidence: 88%
Finding:
The Feishu token acquisition, file upload, and send workflow extends the skill beyond video generation into third-party exfiltration/distribution of generated files. Because this capability is not tightly justified by the stated purpose, it increases the attack surface and could be repurposed to move sensitive media or credentials off-platform.

Intent-Code Divergence

Severity: Medium | Confidence: 98%
Finding:
BASE_URL is incorrectly populated from VIDEO_GEN_API_KEY instead of a dedicated base URL variable, causing the bearer token value to be used as the request destination prefix. If an attacker can influence the environment or if the script runs with a real API key, requests may be sent to an unintended endpoint and the Authorization header will disclose the credential to that destination.

Missing User Warnings

Severity: Medium | Confidence: 89%
Finding:
The README tells users to supply an API key for an external Volcengine endpoint but does not clearly disclose that user prompts, images, or other media will be transmitted to a third-party video-generation service. This can lead to uninformed sharing of sensitive or proprietary content, especially because the skill is explicitly designed for text/image/video inputs that may contain private data.

Missing User Warnings

Severity: Medium | Confidence: 91%
Finding:
The skill instructs users to upload generated videos to Feishu without clearly warning that user content will be transmitted to a third-party service. In contexts where prompts, frames, or rendered videos may contain sensitive or proprietary material, this omission can lead to unintended data disclosure.

Missing User Warnings

Severity: Low | Confidence: 86%
Finding:
The documentation shows direct use of Feishu app_id and app_secret for token acquisition but does not include any warning about secure storage, least privilege, or secret-handling practices. This can encourage unsafe operational behavior, including hardcoding or mishandling sensitive credentials.

VirusTotal

64/64 vendors flagged this skill as clean.