ClawHub

Skill Runway Video Gen

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Runway video generator, with some credential-storage and download-validation cautions but no evidence of hidden or malicious behavior.

Install only if you are comfortable giving the skill a Runway API key, paying Runway generation costs, and uploading the selected image and prompt to Runway. Prefer RUNWAY_API_KEY or a dedicated Runway-only secret, avoid using a shared ~/tiktok-api.json file, and do not submit confidential images or prompts unless Runway's handling of that content is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'video_url' from requests.get (line 103, network input) → requests.get (network output)

Medium
Category
Data Flow
Content
sys.exit(1)
            video_url = outputs[0]
            print(f"[runway] Downloading video from {video_url[:60]}...")
            video_resp = requests.get(video_url, timeout=60)
            os.makedirs(os.path.dirname(os.path.abspath(args.output)), exist_ok=True)
            with open(args.output, "wb") as f:
                f.write(video_resp.content)
Confidence
94% confidence
Finding
video_resp = requests.get(video_url, timeout=60)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill reads credentials from ~/tiktok-api.json, an unrelated local credential store, even though the skill is for Runway video generation. This expands the skill's access to local secrets beyond what users would reasonably expect and creates unnecessary exposure if that file contains additional tokens or sensitive metadata.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs users to supply a sensitive API key via an environment variable or a local JSON file, but provides no warning about secure storage, least-privilege handling, or avoiding accidental disclosure in logs, repos, or shared home directories. Because this skill also performs networked API calls, mishandled credentials could let an attacker or another process reuse the key for unauthorized API usage and billing abuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal