Image And Text To Video

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-generation skill, but users should understand it connects to NemoVideo and may upload media when used.

Install only if you are comfortable sending prompts, uploaded files, remote media URLs, and render metadata to mega-api-prod.nemovideo.ai. Avoid using sensitive personal, client, or confidential media unless you trust that service and its data handling. Set your own NEMO_TOKEN if available, and be aware the skill can create an anonymous token and session automatically when invoked.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium (92% confidence)
Finding:
The skill advertises a narrow image-and-text-to-video capability, but the body documents broader handling of audio tracks, generic media uploads, and multiple export/input formats. This scope expansion can cause users or host agents to route unrelated files and tasks to a third-party backend without clear disclosure, increasing the chance of unintended data exposure and misuse.

Vague Triggers

Medium (88% confidence)
Finding:
The invocation phrases are very generic, such as 'export 1080p MP4' and 'generate my images and text', which can trigger the skill in situations where the user did not clearly intend to use this remote video service. In a skill ecosystem, overly broad activation increases the risk of accidental uploads, API calls, or processing of sensitive user content by an external provider.

Missing User Warnings

Medium (98% confidence)
Finding:
The skill instructs the agent to automatically contact external APIs, obtain or reuse authentication tokens, and create a session before user confirmation or an upfront privacy warning. This is dangerous because it can transmit identifiers and potentially user-related context to a third-party service without informed consent, and it normalizes silent credential use and session establishment.

VirusTotal

66/66 vendors flagged this skill as clean.
