ClawHub

Free Text To Video Ki

Security checks across malware telemetry and agentic risk

Overview

This is a real cloud text-to-video connector, but it can automatically create remote sessions and send prompts or files to a third-party service with broad triggering and limited user-facing disclosure.

Install only if you are comfortable sending prompts and uploaded documents or media to mega-api-prod.nemovideo.ai. Prefer providing your own scoped NEMO_TOKEN, avoid confidential or regulated files, and use the skill only when you clearly intend to create or edit a video.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to mint and use an anonymous backend token whenever no local credential is present, which expands the skill from local prompt handling into autonomous acquisition of authentication material and remote account/session creation. This is dangerous because it enables silent access to a third-party service, can incur credit consumption or create traceable sessions without explicit informed consent, and normalizes automatic authentication beyond the user's direct action.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation examples are very broad and conversational, making it likely the skill activates on ordinary user language rather than a deliberate request for this specific integration. That increases the chance of accidental routing of text or files into the remote video-generation workflow, especially because this skill uploads content and creates backend sessions.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The catch-all rule routes 'everything else' to the SSE/chat action, which is overly permissive for a skill that sends user content to a remote backend. Ambiguous messages could therefore trigger external processing, session use, and possible file/context disclosure without a sufficiently specific user request.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill does not provide a clear user-facing warning that prompts, uploaded documents, session identifiers, and related metadata are transmitted to a remote third-party service. In this context, the omission is significant because the skill accepts potentially sensitive files up to 500MB and creates persistent backend sessions, so users may unknowingly disclose confidential content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal