Ai Music Maker

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video/music rendering skill with disclosed remote processing and token use, but users should treat uploaded videos and prompts as shared with Nemo Video.

Install only if you are comfortable sending video files, prompts, and render metadata to mega-api-prod.nemovideo.ai. Avoid confidential or sensitive footage unless you trust the provider’s privacy and retention practices, and keep NEMO_TOKEN private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 83% confidence
Finding
Routing 'Everything else' to the SSE action creates an effectively unbounded prompt surface for a remote backend, making it easier for unrelated or adversarial user input to trigger powerful edit/generation operations outside the intended music-adding scope. In a skill that bridges user prompts directly to remote processing APIs, catch-all dispatch increases the risk of unintended actions, data submission, and abuse of paid/session-backed capabilities.

Missing User Warnings

Medium, 90% confidence
Finding
The setup and usage flow instructs the agent to upload user videos and prompts to a third-party API, but the user-facing guidance does not clearly disclose that their content is transmitted off-device for cloud processing. This creates a privacy and consent problem, especially because uploaded media may contain sensitive personal, commercial, or location data.

Missing User Warnings

Medium, 92% confidence
Finding
The skill declares access to the NEMO_TOKEN environment variable and local config paths, but does not clearly warn users that local credentials and configuration may be read to authenticate requests. Even if the token is not printed, undisclosed credential use increases the chance of surprising account usage, quota consumption, or privacy concerns tied to an existing local identity.

VirusTotal

63/63 vendors flagged this skill as clean.
