ClawHub

Text To Video Creator Free

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it can automatically connect to a third-party video service and broadly send prompts, uploaded files, or URL content there without a clear user confirmation step.

Review before installing. Use it only if you are comfortable sending selected prompts, documents, URLs, and generated video state to NemoVideo's cloud service. Do not upload confidential, regulated, or proprietary material unless you trust that provider's privacy and retention practices. Ask the agent to confirm before connecting, uploading files, importing URLs, exporting, or using credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill’s advertised purpose is text-to-video generation, but it also instructs the agent to upload arbitrary local files and import content from URLs. That expands data-access and network-fetch capabilities beyond what a user would reasonably expect, increasing the risk of unintended exfiltration of sensitive local files or ingestion of untrusted remote content.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
Allowing arbitrary external URL imports gives the skill a general network-fetch primitive that is broader than the stated text-to-video workflow. This can be abused to retrieve attacker-controlled content, unexpected data sources, or sensitive internal URLs if the surrounding agent environment ever permits user-supplied links without strict validation.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The invocation guidance is broad enough that ordinary conversation about writing, blogs, music, or video could trigger the skill unintentionally. In a skill that sends user content to an external backend and can create sessions automatically, accidental activation can result in unanticipated data transfer and actions the user did not clearly request.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The routing table’s catch-all rule sends 'everything else' to the SSE generation path, which is an overly permissive default. Ambiguous or unrelated user messages could therefore trigger backend processing, session use, and cloud transmission without sufficiently constrained intent matching.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to send prompts, uploaded files, and possibly remote content to a cloud video backend, but it does not provide a prominent user-facing warning or consent step. This creates a privacy and transparency issue because users may share sensitive text or documents without understanding that the material leaves the local environment and is processed by a third party.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal