Free Explainer Video

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-generation skill that sends prompts and uploaded media to NemoVideo for rendering, with no hidden local execution or destructive behavior found.

Install this only if you are comfortable sending scripts, prompts, documents, and media to mega-api-prod.nemovideo.ai for cloud processing. Avoid confidential material unless you trust that service, and ask the agent to confirm before uploading files or processing ambiguous prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 97% confidence
Finding
The example trigger phrases are extremely broad and unnatural, including fragments like "create my text or script" and "create a 60-second explainer video from" that can overlap with ordinary user conversation. In a host environment that auto-invokes skills based on prompt matching, this increases the chance the skill activates unintentionally and starts making external API calls, creating sessions, or uploading user-provided content without clear user intent.

Vague Triggers

Medium, 98% confidence
Finding
The routing table includes a catch-all rule that sends "Everything else" to the SSE generation path, meaning nearly any unmatched user message could trigger remote processing. Because the SSE path forwards user text to a cloud backend and may mutate persistent session state, an ambiguous catch-all materially increases the risk of accidental invocation, unintended data disclosure to a third party, and unauthorized actions on the user's behalf.

VirusTotal

66/66 vendors flagged this skill as clean.
