video-generate

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does video generation as advertised, but it tells the agent to persist API keys in a workspace environment file and retry automatically.

Review before installing. Use a dedicated, low-privilege API key, avoid putting private prompts or media URLs into requests unless you trust the provider, and do not let the agent store real credentials in a workspace env file without explicit approval and a clear plan to remove them later.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill documentation describes use of environment variables and external network access, but the skill declares no permissions or equivalent capability boundaries. That mismatch can cause the agent to invoke networked operations and access secrets without transparent review, increasing the chance of unintended data exposure or unsafe execution paths.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to write API credentials into a workspace environment file, make them effective, and retry automatically. That goes beyond normal video generation behavior and creates a clear secret-handling risk: credentials may be persisted in plaintext, exposed to other tools or sessions, and modified without explicit user approval.

Missing User Warnings

High
Confidence
97% confidence
Finding
The documentation tells the agent to modify environment-variable files and retry automatically without a user-facing warning or consent flow. This is dangerous because it normalizes secret persistence and configuration changes as part of ordinary task execution, which can surprise users and silently alter the workspace security posture.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill sends user prompts and externally referenced media URLs to a third-party video-generation API without any explicit consent, warning, or data-classification guardrail. In a skill context, prompts and referenced media may contain sensitive personal, proprietary, or internal information, so silent transmission increases privacy and compliance risk.

Ssd 3

High
Confidence
98% confidence
Finding
The skill explicitly instructs the agent to obtain, store, and activate API credentials in the workspace environment file. In a normal-language workflow, this is especially risky because it encourages plaintext secret handling, broadens credential exposure to other processes or logs, and may pressure users to reveal secrets in unsafe channels.

VirusTotal

VirusTotal findings are pending for this skill version.
