ClawHub

Text To Video Explainer

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly coherent for cloud video generation, but its broad routing could send unrelated user text or files to NemoVideo without a clear confirmation boundary.

Install only if you are comfortable sending scripts, uploaded documents, prompts, and render state to NemoVideo's cloud API. Avoid confidential or regulated material unless that upload is intentional, and confirm before allowing the skill to create sessions, upload files, or route ambiguous messages to the backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The skill invites activation from very generic user language such as sharing a script or even vaguely describing an idea, which can cause the skill to engage during ordinary conversation without clear user intent. Because this skill sends content to a third-party cloud backend and may automatically establish sessions/tokens, overbroad invocation increases the risk of unintended data disclosure and unexpected external API usage.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Example trigger phrases like 'export 1080p MP4' are too vague to uniquely indicate this specific skill and could match normal discussion about media output. In this skill's context, ambiguous triggers are more dangerous because activation can lead to remote processing, token acquisition, and transmission of user content to an external service.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The routing table contains an unbounded fallback of 'Everything else' to the SSE action, meaning nearly any unmatched prompt could be forwarded to the backend. This creates ambiguous activation boundaries and increases the chance that unrelated or sensitive user messages are transmitted to a remote service without sufficiently clear consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill emphasizes convenience and cloud GPU processing but does not provide a clear, prominent warning that uploaded scripts, messages, and files are sent to an external backend for processing. Given that users may upload TXT, DOCX, PDF, or SRT files containing proprietary or sensitive information, the lack of explicit disclosure undermines informed consent and increases privacy and compliance risk.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal