ClawHub

pet video narration

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed pet-video narration workflow with expected media-processing commands and no evidence of hidden data access, persistence, or destructive behavior.

Install if you are comfortable giving the agent a pet video and pet profile details for narration generation. Confirm the desired language and voice before generation, and approve any ffmpeg installation only if you want the environment modified. Check output paths because the provided ffmpeg examples overwrite generated media filenames.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill instructs installing ffmpeg via `apt-get install -y ffmpeg`, which introduces unnecessary system-level package modification for a content-generation workflow. In an agent/runtime context, allowing package installation expands the attack surface, can fail unpredictably, and may be abused to alter the environment beyond the skill's stated purpose.

Natural-Language Policy Violations

Medium
Confidence
74% confidence
Finding
The skill description frames the experience around Chinese-language narration and does not require confirming the user's preferred output language before generation. This can cause unintended output, privacy/usability issues, and poor alignment with user intent, though it is not a direct system-compromise vector.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The voice-selection table hard-codes Mandarin voices as the default for most scenarios, which can steer output into a language the user did not request. In context this is mainly a product safety and consent issue rather than a security compromise, but the skill context makes it more likely to produce misaligned or surprising output for non-Chinese-speaking users.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal