Free Video Generation Ai Model

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-generation skill whose remote API use and media handling fit its stated purpose, but prompts and uploaded media are sent to NemoVideo for processing.

Install only if you are comfortable sending prompts, uploaded files, URLs, and editing instructions to NemoVideo's cloud backend. Avoid confidential media unless you trust that provider. Use a dedicated NEMO_TOKEN for this skill rather than a credential shared with other services, and ask the agent to confirm before it uploads, edits, or exports whenever your request is ambiguous.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding
The skill presents itself as a simple text-to-video generator, but its instructions expose a much broader remote media-editing surface: uploads, timeline/state inspection, SSE-driven edits, and export orchestration. The mismatch can mislead users and reviewers about what data the skill can transmit and what operations it can perform, increasing the risk of unexpected third-party data transfer and overbroad backend interaction.

Description-Behavior Mismatch

Severity: Low
Confidence: 84%
Finding
The user-facing description says users upload 'text prompts' and lists a few formats, but the implementation accepts many more media types and also ingests content from URLs. That discrepancy weakens informed consent: users may provide content without understanding the true scope of accepted inputs or how it is processed remotely.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
Routing 'everything else' (any input not matched by an explicit command) into the generation SSE path is an overly permissive trigger: unrelated or ambiguous user input is sent to a third-party backend by default. This increases the chance of unintended data disclosure, accidental action execution, and abuse of a broad remote API without explicit user intent.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The onboarding text does not clearly warn users that their prompts, files, and editing instructions are transmitted to an external service. Because the skill handles uploads and potentially sensitive media, the lack of a prominent third-party processing disclosure undermines informed consent and privacy expectations.
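None of the findings include code, so the block below is an added illustration written for this page (hypothetical Python; it is not the skill's or NemoVideo's implementation). It contrasts the catch-all routing described under Vague Triggers with a router that refuses unrelated input, rejects input kinds the description does not declare (the two Description-Behavior Mismatch findings), asks for confirmation when intent is ambiguous, and gates the first transmission behind the third-party disclosure that the Missing User Warnings finding asks for. The declared and accepted input sets, the intent keywords, the disclosure text and the Backend stub are all constructed for the example.

```python
"""Catch-all trigger vs. explicit routing for a cloud media-generation skill.

Hypothetical, simplified skill router written for this page; it is not the
skill's or NemoVideo's code. The remote backend is replaced by a recording
stub so everything runs offline.
"""
from dataclasses import dataclass, field
from typing import Optional

# Input kinds the user-facing description declares (constructed example).
DECLARED_INPUTS = {"text", "png", "jpg", "mp4"}
# Input kinds the implementation actually accepts (constructed example).
ACCEPTED_INPUTS = DECLARED_INPUTS | {"mov", "wav", "gif", "url"}

DISCLOSURE = ("Your prompt and any attached file or URL will be sent to a "
              "third-party service (NemoVideo) for processing. Continue?")


def undeclared_inputs() -> set:
    """Input kinds accepted by the code but absent from the description: the
    gap a reviewer checks for in a description-behaviour mismatch."""
    return ACCEPTED_INPUTS - DECLARED_INPUTS


@dataclass
class Backend:
    """Stand-in for the remote SSE backend; records what would be transmitted."""
    sent: list = field(default_factory=list)

    def generate_sse(self, payload: dict) -> str:
        self.sent.append(payload)
        return "stream-%d" % len(self.sent)


@dataclass
class Request:
    text: str
    attachment: Optional[str] = None   # file extension or "url"; constructed


@dataclass
class Session:
    disclosed: bool = False   # user has acknowledged DISCLOSURE
    confirmed: bool = False   # user confirmed the current ambiguous request


def route_permissive(req: Request, backend: Backend) -> str:
    """The pattern the Vague Triggers finding describes: anything not matched by
    an explicit command falls through to the remote generation path."""
    cmd = req.text.split(" ", 1)[0].lower()
    if cmd == "upload":
        return backend.generate_sse({"op": "upload", "media": req.attachment})
    if cmd == "export":
        return backend.generate_sse({"op": "export"})
    # 'everything else' is transmitted to the third party, intended or not
    return backend.generate_sse({"op": "generate", "prompt": req.text,
                                 "media": req.attachment})


GENERATE_VERBS = ("generate", "make", "create", "render", "animate")


def classify(req: Request) -> str:
    """Explicit intent classification that returns 'unrelated' or 'ambiguous'
    instead of defaulting to the generation path."""
    words = req.text.lower().split()
    if not words:
        return "unrelated"
    if words[0] in ("upload", "export", "edit"):
        return words[0]
    if words[0] in GENERATE_VERBS and "video" in words:
        return "generate"
    if req.attachment is not None:
        return "ambiguous"   # media present but no clear instruction
    return "unrelated"


def route_strict(req: Request, backend: Backend, session: Session) -> str:
    """Hardened router: only explicit intents reach the backend, undeclared
    input kinds are refused, ambiguous requests wait for confirmation, and the
    first transmission is gated behind the third-party disclosure."""
    intent = classify(req)
    if intent == "unrelated":
        return "refused:unrelated"
    if req.attachment is not None and req.attachment not in DECLARED_INPUTS:
        return "refused:undeclared_input"
    if intent == "ambiguous" and not session.confirmed:
        return "needs_confirmation"
    if not session.disclosed:
        return "needs_disclosure"   # caller shows DISCLOSURE, then sets the flag
    op = "generate" if intent == "ambiguous" else intent
    backend.generate_sse({"op": op, "prompt": req.text, "media": req.attachment})
    return "sent"


if __name__ == "__main__":
    leaky, safe = Backend(), Backend()
    off_topic = Request("what's the weather tomorrow?")
    route_permissive(off_topic, leaky)
    print("permissive router sent:", leaky.sent)   # off-topic text left the machine
    print("strict router:", route_strict(off_topic, safe, Session()), safe.sent)
```

The permissive router forwards an off-topic question to the backend because nothing else matched; the strict router never calls the backend for it. The agent driving the strict router is expected to display DISCLOSURE when it sees `needs_disclosure` and set `session.disclosed` only after the user agrees, and to set `session.confirmed` only for the specific ambiguous request the user approved.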

VirusTotal

0 of 66 VirusTotal vendors flagged this skill as malicious. Antivirus engines inspect the packaged files for known malware signatures; they do not evaluate the data flows, triggers, or disclosure gaps described in the findings above, so a clean scan does not offset those results.