Xplai Video

Security checks across malware telemetry and agentic risk

Overview

This skill coherently generates Xplai videos from user-provided prompts, but users should understand that prompts and image URLs are sent to Xplai's external service.

Install only if you are comfortable sending video prompts and any supplied image URLs to Xplai for processing. Avoid secrets, confidential code, private documents, personal data, or signed/private media links, and confirm before using it when the user only asked for a normal explanation.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding
The skill explicitly depends on an external service (xplai.ai) and exposes commands that necessarily perform network communication, yet the metadata declares only a binary requirement and no corresponding network permission or disclosure. This creates a transparency and policy-enforcement gap: hosts and users may not realize content is being transmitted off-platform, which can lead to unintended data exfiltration of prompts or image URLs.

Vague Triggers

Medium
Confidence: 88%
Finding
The description says to use this skill 'WHENEVER' users ask to make a video, explain visually, show me how, or create a tutorial, which are broad phrases that can match many benign requests. This increases the chance of unintended activation and accidental sharing of user content with the external video service without sufficiently specific user intent or consent.

Vague Triggers

Medium
Confidence: 91%
Finding
The proactive recommendation rules cover very common topics like math, news, code, and language learning, making the skill likely to be suggested or engaged in a wide range of conversations. In context, this is more dangerous because the skill uses a third-party network service and could nudge users into disclosing sensitive or copyrighted material for external processing without a tailored warning.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explains how to generate videos and even accepts optional image URLs, but it does not warn users that their prompt contents and referenced media will be sent to an external video-generation service. Because the recommended use cases include news, code, tutoring, and language help, users may provide sensitive, proprietary, or personal information under the assumption the interaction remains local.

Missing User Warnings

Medium
Confidence: 90%
Finding
When debug mode is enabled, the utility logs full request parameters or JSON bodies and also logs full response bodies. In a video-generation skill, these payloads may contain prompts, user-provided content, API tokens, URLs, or other sensitive data, which can be exposed through console logs, log aggregation systems, or shared runtime environments.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script sends user-provided question text and optional image data to a third-party external API, but this file provides no meaningful notice, consent flow, or data-classification guardrails before transmission. In a skill that users may invoke for arbitrary prompts, this can lead to inadvertent disclosure of sensitive information, especially because users may not realize their content is leaving the local environment.

VirusTotal

65/65 vendors flagged this skill as clean.
