Text To Video Llm

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only cloud video generation skill whose network, token, upload, state, and export behavior is disclosed and aligned with its purpose, though users should be careful with private prompts and files.

Install only if you are comfortable sending video prompts and chosen uploads to the NemoVideo backend. Use explicit requests when invoking it, avoid private or regulated files unless you trust the provider’s data handling, and verify supported file types before uploading documents.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers (Medium, 86% confidence)

Finding: The invocation phrases are broad enough that normal conversation like 'export' or 'generate my text prompts' could trigger the skill unintentionally. In this skill, unintended activation is more concerning because first-use behavior includes automatic network connection and possible token acquisition to a third-party backend, which could send user content off-device without a clear intentional action.

Vague Triggers (Medium, 90% confidence)

Finding: The catch-all rule routing 'everything else' to SSE creates an overbroad activation path that can treat ordinary user text as backend instructions. Because SSE messages are sent to a remote service and may drive edits or generation actions, ambiguous routing increases the chance of accidental transmission of sensitive or irrelevant user content.

Missing User Warnings (Medium, 96% confidence)

Finding: The skill instructs the agent to automatically connect to a remote backend and obtain an anonymous token without a clear upfront disclosure or consent flow. That is dangerous because user prompts, uploaded files, metadata, and generated session identifiers may be transmitted to a third-party service immediately on first use, creating privacy and data-handling risks that users may not expect.

VirusTotal

65/65 vendors flagged this skill as clean.