Security audit

think-x-actually-y-video-gen

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paid WeryAI video-generation skill; its optional local image upload path carries privacy risk but is documented and gated by explicit user approval.

Install only if you trust the publisher and WeryAI. Keep WERYAI_API_KEY private, review the full prompt and parameters before approving paid generation, and use local image paths only when you intentionally want that image uploaded to WeryAI; otherwise provide public HTTPS image URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The documentation explicitly describes a path where non-HTTPS image inputs are treated as local files, read from disk, and uploaded to a remote WeryAI endpoint. In a skill whose normal purpose is simple video generation from prompts/public image URLs, documenting this capability broadens data access and exfiltration behavior beyond the narrow expected scope, increasing the risk that an agent reads and uploads unintended local files if given attacker-controlled paths.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
These lines describe reading arbitrary local files from disk and POSTing them to an external service using the API key, which creates a concrete local-data-to-remote-transfer mechanism. Even if intended as a convenience feature, that behavior is disproportionate to the skill's debunk-video use case and becomes more dangerous in an agent setting where user or prompt input may influence file paths.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.