ClawHub

Image To Video Kaise Banaye

Security checks across malware telemetry and agentic risk

Overview

This is a cloud image-to-video helper that is broadly coherent with its stated purpose, but users should understand it sends selected media and prompts to NemoVideo and may use service credits.

Install only if you are comfortable sending the selected images, audio/video files, prompts, draft timeline state, and render requests to NemoVideo. Use a token intended for this service, avoid confidential media unless the provider is acceptable for that data, and ask the agent to confirm before exports or other credit-consuming actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill’s advertised purpose is narrowly framed as converting three JPG product photos into 1080p videos, but the body grants much broader capabilities including arbitrary media uploads, session state inspection, credit management, and export orchestration. This scope mismatch can mislead users and hosts about what data and actions the skill may perform, weakening informed consent and policy enforcement.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill is instructed to acquire anonymous tokens automatically and query credit balances, which introduces account-like behavior beyond simple file conversion. Even if intended for usability, silently obtaining tokens and inspecting balances can surprise users, create unauthorized service consumption, and expand the blast radius if the skill is abused or repurposed.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The routing table sends 'Everything else' to the SSE action, making the skill eligible to process nearly any unmatched prompt. This overbroad trigger surface increases the chance of accidental invocation, unintended data transmission to the backend, and misuse outside the stated image-to-video task.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill tells users to upload images and then automatically connects to a remote backend, creates sessions, and sends prompts/files, but it does not clearly warn users that their content is transmitted to an external service. This undermines informed consent and can expose sensitive media or prompts to third-party processing without an explicit disclosure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The metadata declares use of an environment token and local configuration paths, yet the skill does not clearly tell users it may access local credentials/configuration to authenticate with the backend. Hidden use of local secrets or config materially increases sensitivity because users may not realize the skill can leverage existing authenticated context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal