ClawHub

Text To Video Filmora

Security checks across malware telemetry and agentic risk

Overview

This skill is for cloud video generation, but it can automatically connect to a third-party service and send broad chat prompts or uploaded files there without a clear consent step.

Install only if you are comfortable sending scripts, prompts, subtitles, documents, videos, and URLs to Nemovideo's cloud service. Avoid confidential or copyrighted material unless you have permission, and require the agent to ask before creating sessions, uploading files, or sending ambiguous chat text to the API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The startup language is highly permissive and encourages automatic action on vague user statements like sharing ideas or prompts. In a chat environment, this can cause the skill to activate unintentionally and initiate remote setup or data transfer without the user clearly consenting to use this specific external video service.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The catch-all rule routes 'Everything else' to the SSE generation action, which effectively treats most user input as authorization to send content to the backend. Because this skill also instructs automatic setup and session creation, ordinary conversation could be forwarded to a third-party service without clear user intent, increasing privacy and unwanted-action risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill prominently markets convenience and cloud processing but does not clearly warn users that their prompts and uploaded files are transmitted to remote services for processing. Since supported inputs include documents, subtitles, and media files up to 200MB, users may disclose sensitive or copyrighted material without informed consent about external handling.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal