ClawHub

Ai Video Free Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to provide a real cloud video-generation workflow, but it can automatically create remote sessions, use a local token, and route broad prompts to a third-party backend without clear user confirmation.

Install only if you intend to use NemoVideo's remote cloud service. Treat NEMO_TOKEN as an account credential, avoid uploading confidential or regulated media, and make sure the agent asks before creating sessions, uploading files, or sending prompts to the backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to read an environment token if present and otherwise mint an anonymous token automatically, which expands access to local secrets and external service authentication beyond an explicit, per-request user consent flow. While this is related to the advertised video service, silently consuming env/config credentials and creating sessions increases the chance of unintended account use, token leakage through downstream logs, or unauthorized backend actions.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The startup language and examples are broad enough that ordinary phrases like sharing text/images or asking to generate/export content may activate the skill without a clear, deliberate invocation. Over-broad triggering is dangerous because it can cause accidental upload workflows, session creation, and remote API use on content the user did not intend to send to this specific service.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The routing table contains a catch-all rule that sends 'Everything else' to the SSE backend, meaning nearly any unmatched prompt can be forwarded to a remote service. This materially increases the risk of unintended data exfiltration and surprise activation because benign conversation or unrelated editing requests may still be transmitted externally.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill describes server-side rendering and backend connection steps but does not present a prominent user warning that uploaded files and prompts will be transmitted to remote APIs and cloud GPU infrastructure. This is risky because users may provide sensitive media or text under the assumption of local handling, creating privacy and confidentiality exposure.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal