ClawHub

Image To Video Gemini

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only cloud image-to-video skill whose remote uploads, token use, sessions, credits, and export workflow are disclosed and fit its purpose.

Install only if you are comfortable sending prompts, uploaded images or URLs, and render/session data to Nemovideo’s cloud service. Avoid uploading private, regulated, or proprietary media unless you trust that provider’s data handling, and treat NEMO_TOKEN as an account credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill is presented as a simple single-image-to-video converter, but the documented capabilities expand into general video editing, upload, session state inspection, rendering, and multi-format media export. This scope mismatch can mislead users and host systems about what data and actions the skill may perform, increasing the chance of overbroad invocation and unintended processing of user content.

Context-Inappropriate Capability

Low
Confidence
82% confidence
Finding
Including credits and account-balance access is not necessary for basic image-to-video conversion and exposes additional account-related information to the skill. Even if limited to balances, this expands the data surface and can normalize access to billing-related endpoints without a clear user need or consent path.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The routing rule sends 'Everything else' to the SSE action, which is overly broad for a specialized media skill. This can cause the skill to trigger on unrelated prompts and forward arbitrary user text to a remote backend, creating privacy risk and unintended tool activation beyond the user's expectations.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The setup section emphasizes automatic connection and token/session creation but does not clearly warn users up front that their uploaded images and prompts are transmitted to a third-party cloud service. Because images may contain sensitive personal or commercial information, inadequate disclosure undermines informed consent and increases privacy/compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal