video-creation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent video-generation skill that openly uses Chanjing APIs and local media tools, but users should review its non-neutral avatar and cultural defaults.

Install only if you are comfortable sending scripts, prompts, audio, and generated media through Chanjing and storing intermediate files locally. Use a controlled output directory, avoid confidential or regulated content unless that provider use is approved, and review the avatar age and cultural/ethnicity defaults before using it for neutral, global, or sensitive content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill declares no explicit permissions, yet its instructions clearly require environment variables, local file reads/writes, network access to external APIs, and shell execution via ffmpeg/python. This creates a transparency and governance gap: a caller or platform may approve the skill believing it is low-privilege when it actually performs sensitive operations, increasing the risk of unintended data exposure or execution of risky actions.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The template hard-codes a default East Asian/Chinese-facing persona and styling whenever the source material does not uniquely specify ethnicity. In a generic video-creation skill, this silently injects demographic and cultural attributes the user did not request, creating biased and misleading outputs and potentially causing discriminatory or inappropriate personalization at scale.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The historical-content rules default unspecified non-contemporary scenes toward a Chinese civilization context, which introduces undisclosed regional bias into generated outputs. This can distort historical representation, override user intent, and systematically steer content toward one culture even when the prompt is generic or ambiguous.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The skill hard-codes a default preference for 'young, energetic' avatars when selecting presenters, even without user request. This is a biased default that can systematically shape outputs around age-coded stereotypes and user attributes the user did not ask for, creating fairness and appropriateness risks in generated media.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The input rules repeat and reinforce the same default preference for younger avatars, making the bias operational rather than incidental. Because this guidance sits in the workflow/input section, it is likely to be applied broadly across tasks, increasing the chance of non-consensual persona selection and discriminatory output patterns.

Natural-Language Policy Violations

Medium
Confidence
92% confidence
Finding
The prompt template hard-codes a China-default cultural and geographic framing whenever the user does not explicitly request another locale. This can systematically override user intent, inject hidden demographic bias into generated outputs, and cause the agent to produce misleading or exclusionary content that appears factual or neutral but is actually policy-driven.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
This rule goes beyond a default and mandates East Asian/Chinese civilizational consistency based on inferred topic cues, including faces, clothing, architecture, and objects. That creates a strong hidden steering mechanism that can misrepresent historical or contemporary subjects, encode ethnicity-based assumptions, and make the model less reliable and less fair when handling ambiguous or multicultural topics.

Natural-Language Policy Violations

High
Confidence
97% confidence
Finding
The skill explicitly enforces an East Asian ethnicity default when the input does not uniquely imply ethnicity. This is a stronger prompt-safety issue than mere regional style bias because it compels demographic assignment to recognizable people without user authorization, which can produce discriminatory, stereotyping, or identity-altering outputs.

Natural-Language Policy Violations

High
Confidence
98% confidence
Finding
The template requires ethnicity-specific wording whenever recognizable people appear, even if the source material does not support any ethnicity inference. That creates a systematic mechanism for demographic profiling in generated prompts, increasing the chance of biased outputs and making the behavior pervasive across many scenes rather than incidental.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
For inferred China-related historical narratives, the template hard-codes 'natural East Asian facial features' without offering a user choice or fallback. While historical self-consistency can be legitimate, making ethnicity text mandatory and automatic still risks overreach, incorrect inference, and exclusionary behavior when the source material is ambiguous or multicultural.

VirusTotal

67/67 vendors flagged this skill as clean.
