Video Gen Script Free

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only cloud video generation skill that discloses its remote API workflow, but users should treat uploaded prompts and media as shared with an external service.

Install only if you are comfortable sending selected prompts, files, URLs, and session metadata to mega-api-prod.nemovideo.ai. Avoid confidential media or documents unless you trust that provider, and ask the agent to confirm before uploading files, creating renders, or exporting videos.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

High
Confidence: 98%
Finding
The skill is marketed as simple video-script generation, but the documented behavior expands into a remote media upload, session management, stateful editing, and cloud rendering pipeline. This capability mismatch is dangerous because it can cause users to unknowingly transmit files and trigger materially more powerful operations than they consented to, increasing privacy, cost, and misuse risk.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill automatically acquires anonymous tokens and creates authenticated backend sessions even though the stated purpose is only generating a script. This is dangerous because it grants the skill hidden access to external services and user-associated processing without clear necessity or informed consent, expanding the attack surface and enabling unanticipated data transfer or account/resource use.

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The skill initially presents input as a text prompt or topic, but later supports uploading broad media files and processing them through a cloud render pipeline. This inconsistency is dangerous because users may believe they are sharing only text when in fact they may be induced to upload much more sensitive content to a remote service.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation phrases are broad and generic, such as 'generate my text prompt or topic' and incomplete phrases like 'generate a video script for a', which could cause accidental triggering in unrelated conversations. While not an exploit by itself, unintended activation becomes more concerning here because the skill can connect to a backend and initiate remote workflows.

Missing User Warnings

Medium
Confidence: 97%
Finding
The documentation instructs the skill to connect to a remote API, obtain tokens, and create sessions, but it does not clearly warn users that their prompts and uploaded files will be transmitted to a third-party backend. This is a privacy and transparency issue that can lead to uninformed disclosure of sensitive content.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The session creation hard-codes the language to English without asking the user, which can mishandle multilingual content and silently alter service behavior contrary to user expectations. This is primarily a consent and correctness problem rather than a direct security compromise, but it contributes to deceptive or unintended processing.

VirusTotal

64/64 vendors flagged this skill as clean.
