ClawHub

Photo Video Maker Fast

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud photo-to-video skill, but it can automatically contact a third-party service and route broad prompts or media there without clear upfront consent.

Install only if you are comfortable with prompts, uploaded images, and possibly other media being sent to nemovideo.ai for cloud processing. Avoid sensitive personal media unless you understand the service's retention and privacy terms, and prefer explicit confirmation before allowing uploads, token creation, or broad editing requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is marketed as a photo-to-video tool, but the implementation advertises support for many additional media types including video, audio, and generic editing/export flows. This creates a scope mismatch that can mislead users and host systems about what data the skill can accept and transmit, increasing the risk of unintended exfiltration of non-photo content to the remote service.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation examples are very broad and generic, making it easy for the skill to activate on ambiguous user input that may not clearly indicate consent to use this specific remote media-processing service. Over-broad activation can cause accidental routing of user files or prompts into external processing workflows.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The catch-all rule routes 'everything else' to the SSE backend, which is too permissive for a networked skill that can send user prompts and potentially uploaded media to a third-party service. This increases the chance that unrelated or sensitive requests are forwarded externally without clear user intent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill encourages users to share photos and images but does not clearly warn that prompts and media are sent to a remote cloud backend for processing. For a media skill handling personal images, this omission is significant because users may unknowingly transmit sensitive or private content off-device.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill automatically connects to the backend and may obtain an anonymous token without first warning the user about network access and authentication behavior. Silent background authentication and session creation are risky because they initiate third-party communication before meaningful consent, and may create accounts/sessions tied to the user's environment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal