Free Image To

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud image-to-video skill with privacy considerations around automatic setup and uploads, but no artifact-backed malicious behavior.

Install only if you are comfortable sending images, prompts, generated client/session identifiers, language metadata, and media-editing requests to mega-api-prod.nemovideo.ai. Avoid private or sensitive media unless you trust that service’s handling and retention practices, and use clear prompts to avoid accidental uploads or edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 84%
Finding
The skill is presented as a simple image-to-video converter, but the documented capabilities extend into broader media editing, audio ingestion, and timeline manipulation. This scope mismatch can mislead users and hosts about what data types and operations are actually performed, increasing the risk of unintended processing or overbroad access to user content.

Context-Inappropriate Capability

Low
Confidence: 78%
Finding
The skill instructs deriving platform/install-path attribution headers from local install locations, which is unrelated to the core image-to-video task. Even if limited, this collects environmental metadata that can fingerprint the host platform and leaks information beyond what is necessary for the advertised function.

Vague Triggers

Medium
Confidence: 82%
Finding
The invocation phrases and routing logic are broad enough that generic terms like 'export', 'download', 'status', or uploaded files could trigger the skill unexpectedly. Because the skill also performs automatic backend connection and token/session setup, accidental invocation can lead to unintended network calls, session creation, and data transfer.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill directs the agent to automatically connect to a remote backend and obtain an anonymous token without a clear upfront user warning or consent flow. This is risky because it initiates external network activity and credential handling automatically, and could expose user content or create remote accounts/sessions before the user understands what is happening.

VirusTotal

66/66 vendors flagged this skill as clean.
