Video Cartoon Maker Free

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malware, but it warrants review because it can send videos, prompts, URLs, and editing commands to a third-party cloud video service, and its routing rules hand most requests to that remote backend automatically.

Review before installing. Use it only when you intentionally want NemoVideo's cloud service to process the media, keep confidential or regulated footage out of it, do not provide private or internal URLs, and treat NEMO_TOKEN as a credential that grants account-level, credit-bearing access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill is presented as a simple cartoon-style converter, but the documented capabilities extend into a broader cloud video editing and export pipeline with sessions, state inspection, SSE-driven edits, rendering, and polling. This scope expansion increases the chance that users or hosts invoke more powerful remote operations than they reasonably expect, which is a trust-boundary problem even if nothing here is overtly malicious.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
Allowing arbitrary remote URL uploads broadens the data-ingestion surface beyond user-supplied local media and is not justified by the advertised use case. Because the fetch is performed by the processing backend rather than by the user's browser, a URL can point the backend at hosts the user could not or should not reach, creating SSRF-like retrieval risk, privacy issues, and unreviewed transfer of external resources into the backend.
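One mitigation a reviewer would expect for this finding is a check that runs on every user-supplied URL before the skill forwards it for fetching. The block below is an added illustration written for this review, not code from the skill or from NemoVideo. It assumes a hypothetical hook `check_remote_url()` that the skill would call before the upload step; the resolver is injectable so the DNS case can be exercised with the constructed table `SAMPLE_DNS` instead of live lookups.

```python
"""Added example (not the skill's code): reject URLs that target internal,
loopback, link-local or metadata addresses before a backend fetches them."""
import ipaddress
import socket
from typing import Callable, Iterable, Tuple
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]

ALLOWED_SCHEMES = {"http", "https"}
# Names that commonly mean "this machine" or a cloud metadata endpoint.
# Constructed for this example; extend for your own environment.
BLOCKED_HOSTS = {"localhost", "metadata", "metadata.google.internal"}
BLOCKED_SUFFIXES = (".localhost", ".local", ".internal")

# Constructed DNS table so the example runs offline. The second name models
# a DNS-rebinding style record that mixes a public and a private address.
SAMPLE_DNS = {
    "cdn.example.com": ["93.184.216.34"],
    "evil.example.net": ["93.184.216.34", "10.0.0.5"],
}


def table_resolver(host: str) -> Iterable[str]:
    """Look up host in SAMPLE_DNS; unknown names fail like a real NXDOMAIN."""
    if host not in SAMPLE_DNS:
        raise socket.gaierror(f"constructed resolver: no record for {host}")
    return SAMPLE_DNS[host]


def system_resolver(host: str) -> Iterable[str]:
    """Resolve host to all A/AAAA addresses through the OS resolver."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def check_remote_url(url: str, resolver: Resolver = system_resolver) -> Tuple[bool, str]:
    """Return (ok, reason). ok is False when the backend must not fetch url."""
    try:
        parts = urlsplit(url)
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    host = parts.hostname  # lowercased; IPv6 brackets already stripped
    if not host:
        return False, "missing host"
    if host in BLOCKED_HOSTS or host.endswith(BLOCKED_SUFFIXES):
        return False, f"blocked hostname: {host}"

    try:
        literal = ipaddress.ip_address(host)
    except ValueError:
        literal = None  # a DNS name, not an address literal

    if literal is not None:
        # is_global is False for loopback, private, link-local (including
        # 169.254.169.254), unspecified and other reserved ranges.
        if not literal.is_global:
            return False, f"non-global address literal: {literal}"
        return True, "ok"

    try:
        resolved = [ipaddress.ip_address(a) for a in resolver(host)]
    except (socket.gaierror, ValueError) as exc:
        return False, f"cannot resolve {host}: {exc}"
    if not resolved:
        return False, f"{host} resolved to no addresses"
    # Every returned address must be global; one private record is enough
    # to reject, since the client may connect to any of them.
    for addr in resolved:
        if not addr.is_global:
            return False, f"{host} resolves to non-global address {addr}"
    return True, "ok"


if __name__ == "__main__":
    for candidate in (
        "https://cdn.example.com/clip.mp4",
        "http://169.254.169.254/latest/meta-data/",
        "https://evil.example.net/clip.mp4",
    ):
        print(candidate, "->", check_remote_url(candidate, table_resolver))
```

Two caveats a practitioner should keep in mind: the check is only meaningful if the actual connection is pinned to the address that was validated (otherwise a second lookup can return a different record), and the fetcher must either refuse redirects or re-run the check on every redirect target, since an allowed public URL can 302 to an internal one.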

Vague Triggers

Medium
Confidence: 86%
Finding
The invocation language is broad enough that ordinary user requests about videos or style changes could activate the skill without a clear, intentional handoff. Overbroad triggering can cause unintended file handling, remote API calls, or session creation in contexts where the user did not knowingly choose this tool.

Vague Triggers

Medium
Confidence: 95%
Finding
The catch-all rule routes nearly everything outside a few keywords into the SSE action, which creates an overly broad execution path for backend operations. Accidental or ambiguous prompts therefore become far more likely to trigger remote processing, and with it unintended data transfer or editing actions.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill asks users to send video clips or images and states that it will handle conversion on cloud GPUs, but it does not warn explicitly that user files will be transmitted to a remote third-party API. This undermines informed consent for potentially sensitive media and creates privacy and compliance risk.

Missing User Warnings

Low
Confidence: 84%
Finding
The skill adds session and platform attribution headers derived from the local installation context, but the user is not clearly told that this contextual metadata is transmitted. Even if the individual values are low-sensitivity, undisclosed platform and session attribution weakens transparency and can enable unnecessary tracking or correlation across requests.

VirusTotal

0 of 66 vendors flagged this skill; all 66 reported it as clean. Note that an antivirus verdict covers the skill package as a file and says nothing about the behavioural findings above, which concern where data flows and how the skill is triggered rather than malicious code.