ClawHub

Product Demo Video Creator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent demo-video generator, but it needs review because it makes broad system changes and uses unsafe shell command construction around user-customized demo text.

Install only after reviewing or patching the scripts. Prefer package-manager FFmpeg or verified downloads, avoid global/system installs where possible, use test sites and non-confidential narration, review generated videos before sharing, and remove any privacy badges unless you have independently verified the claims.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This skill records browser interactions, captures frames, and writes video/audio artifacts, but it does not warn users that sensitive on-screen data may be captured and persisted to disk. In this context, demo generation commonly involves web apps, forms, dashboards, or authenticated sessions, so accidental inclusion of secrets, personal data, or internal content is plausible.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly states that edge-tts is network-dependent and calls Microsoft servers, but it does not clearly warn that the narration text is transmitted off-device to a third party. That is a real privacy and data-handling issue because users may include confidential product messaging, unreleased features, customer names, or other sensitive text in the voiceover input.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script copies downloaded executables into /usr/local/bin, which is a privileged system path, without checking for privileges, warning the user, or asking for confirmation. In a skill-install context this increases the risk of silently modifying the host environment and making a remote binary globally executable.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script downloads an FFmpeg archive from the internet and installs binaries from it without signature or checksum verification. This creates a supply-chain risk: if the source, transport, or downloaded artifact is compromised, a malicious binary could be installed system-wide and later executed by users or other tooling.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal