Lyrics Video Maker Free Online

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real cloud lyric-video tool, but it is too eager to connect to a third-party service and route vague requests there without clear user confirmation.

Review before installing. Use this only when you intentionally want audio, lyrics, prompts, and related project data sent to mega-api-prod.nemovideo.ai for cloud processing. Avoid private, unreleased, or rights-sensitive media unless you trust the service terms. Prefer a throwaway or low-privilege token, and confirm exactly what will be uploaded before asking the agent to process files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 95%
Finding:
The skill invites activation from very generic requests like sharing audio files or describing an idea, which can cause the agent to route unrelated user content into this skill. Because the skill automatically connects to a third-party API and is designed to handle uploads, over-broad invocation increases the chance of unintended data disclosure and unexpected external actions.

Vague Triggers

Medium
Confidence: 93%
Finding:
Example trigger phrases like "create my audio files" are vague and not specific to lyric-video creation, making accidental invocation more likely. In this skill, accidental invocation is more dangerous than usual because first interaction performs setup against an external service and may initiate a session tied to user data and credentials.

Vague Triggers

Medium
Confidence: 97%
Finding:
The catch-all rule routes "Everything else" to the SSE editing path, effectively making the skill a default handler for a wide range of prompts. This is especially risky because the SSE path can send arbitrary user instructions to the remote backend, increasing the chance of unintended external processing, data transmission, or misuse from unrelated conversations.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The skill description emphasizes ease of use and server-side rendering but does not present a clear user-facing warning that uploaded audio, lyrics, and prompts are sent to a third-party service. This omission undermines informed consent and can expose sensitive or copyrighted media to external processing without the user fully understanding where their content goes.

VirusTotal

66/66 vendors flagged this skill as clean.