Ai Short Drama Director

Security checks across malware telemetry and agentic risk

Overview

This video-generation skill appears purpose-aligned, but it can make persistent system changes and write or overwrite local output with insufficient upfront scoping.

Install only if you are comfortable with a local video pipeline that writes output files and uses ffmpeg. Do not allow it to run apt-get automatically; install dependencies yourself or in a container, and review output paths before generation to avoid overwriting prior work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The skill explicitly instructs running `apt-get update && apt-get install -y ffmpeg` when ffmpeg is unavailable. Installing system packages changes the host environment, requires elevated privileges in many setups, introduces supply-chain and system-integrity risk, and goes beyond the narrow scope of transforming scripts into short videos. In an agent setting, this can lead to unauthorized persistent modification of the runtime or unexpected package installation side effects.

Vague Triggers

Medium
Confidence: 79%
Finding
The trigger words include broad terms such as '短剧', '剧本', 'drama', 'storyboard', '分镜', and '视频合成', which are common in many benign conversations and can cause the skill to activate outside the user's intended scope. Overbroad activation is dangerous because this skill performs file creation and shell/video-processing workflows, so accidental invocation can lead to unexpected local side effects or inappropriate tool use.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill description and overview do not warn upfront that the workflow will create and overwrite files under `output/`, invoke shell commands, and run ffmpeg-based media processing. This omission reduces informed user consent and makes accidental or surprising filesystem modifications more likely, especially when combined with broad triggers and multi-stage automation.

VirusTotal

66/66 vendors flagged this skill as clean.
