Video Call Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Runway-powered video call workflow, but users should treat calls, transcripts, recordings, avatar images, and personality prompts as sensitive data shared with external services.

Install only if you are comfortable using Runway and the disclosed npm runtime for live audio/video calls. Avoid putting secrets, unnecessary personal details, private project data, or biometric face images into avatar prompts or uploads unless needed; use cloudflared tunnels only when required; ask before sharing recordings or detailed summaries in other channels; and stop the local server and delete unused avatars when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The skill is marked user-invocable and describes broadly starting a video call for many ordinary situations, which can cause over-triggering for routine interactions that would be safer and less intrusive as text. Because the action initiates real-time audio/video collection and can lead to transcript/recording generation, an overly broad invocation surface materially increases privacy and consent risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to send call recordings and summarize call contents without placing a prominent upfront warning and consent requirement before those steps. That creates a real risk that sensitive spoken content will be recorded, retained, and redistributed to a chat channel by default, even when the user may not expect or want that handling.

Ssd 3

Medium
Confidence
95% confidence
Finding
The instructions encourage embedding remembered user context, preferences, projects, and other personal details into the avatar's persistent personality prompt. Storing or repeatedly reusing that context in a long-lived avatar increases unnecessary retention and risks disclosure of personal or sensitive information across future calls or to the external provider.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill directs the agent to download the recording and send it back through the user channel by default, along with a summary derived from the transcript. This broadens disclosure beyond the live call itself and can expose sensitive spoken information in channels that may have different retention, visibility, or access controls than the call.

External Transmission

Medium
Category
Data Exfiltration
Content
4. **Generate one with Runway text-to-image** — if none of the quick picks fit your character, or if the user specifically asks for a custom avatar look. Use the Runway API with model `gemini_2.5_flash`:

```bash
curl -X POST https://api.dev.runwayml.com/v1/text_to_image \
  -H "Authorization: Bearer $RUNWAYML_API_SECRET" \
  -H "X-Runway-Version: 2024-11-06" \
  -H "Content-Type: application/json" \
```
Confidence
90% confidence
Finding
curl -X POST https://api.dev.runwayml.com/v1/text_to_image \ -H "Authorization: Bearer $RUNWAYML_API_SECRET" \ -H "X-Runway-Version: 2024-11-06" \ -H "Content-Type: application/json" \ -d '{

External Transmission

Medium
Category
Data Exfiltration
Content
4. **Generate one with Runway text-to-image** — if none of the quick picks fit your character, or if the user specifically asks for a custom avatar look. Use the Runway API with model `gemini_2.5_flash`:

```bash
curl -X POST https://api.dev.runwayml.com/v1/text_to_image \
  -H "Authorization: Bearer $RUNWAYML_API_SECRET" \
  -H "X-Runway-Version: 2024-11-06" \
  -H "Content-Type: application/json" \
```
Confidence
90% confidence
Finding
https://api.dev.runwayml.com/

External Transmission

Medium
Category
Data Exfiltration
Content
**Step 1: Create an upload URL**

```bash
curl -X POST https://api.dev.runwayml.com/v1/uploads \
  -H "Authorization: Bearer $RUNWAYML_API_SECRET" \
  -H "X-Runway-Version: 2024-11-06" \
  -H "Content-Type: application/json" \
```
Confidence
90% confidence
Finding
https://api.dev.runwayml.com/

VirusTotal

64/64 vendors flagged this skill as clean.
