AI解说大师 Narrator AI Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for a video-narration API CLI, with expected use of an API key, media uploads, paid task creation, and local config storage.

Install only if you intend to use the Narrator AI service and are comfortable sending selected media, subtitles, prompts, and task metadata to its cloud API. Protect the NARRATOR_APP_KEY, review costs with balance/budget commands before creating jobs, confirm batch work explicitly, and require a separate confirmation before file deletion or account-key changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Missing User Warnings

Medium, 89% confidence
Finding
The README encourages natural-language requests like creating multiple narration videos, but it does not clearly warn users that these actions may trigger paid external API calls and automated batch job creation. In an agent-skill context, vague prompts can cause an LLM-driven agent to initiate costly operations without explicit user confirmation, increasing the risk of unexpected charges and unintended external processing.

Vague Triggers

Medium, 94% confidence
Finding
The example trigger phrase is extremely broad and overlaps with normal conversation about making a movie commentary video. In an agent skill ecosystem, vague trigger language increases the chance of unintended invocation, causing the agent to perform external-service actions or start a production workflow when the user did not explicitly intend to use this skill.

Vague Triggers

Medium, 93% confidence
Finding
Telling users to 'directly use natural language' without specifying what requests should or should not invoke the skill creates ambiguous routing conditions for the agent. This can lead to accidental execution of file operations, external API calls, or paid media-generation tasks based on casual or exploratory user phrasing.

Missing User Warnings

Medium, 90% confidence
Finding
The README advertises upload, download, delete, and video-generation capabilities but does not warn about data impact, persistence, overwrite risks, or irreversible deletion. In agent-driven environments, missing safety notices increase the likelihood of the agent performing destructive or privacy-affecting actions without meaningful user consent.

Missing User Warnings

Medium, 95% confidence
Finding
The documentation instructs users to configure an API key and use an external video-generation service but does not clearly disclose that prompts, media, and related metadata may be transmitted to a third party. This omission can cause users or agents to send sensitive content off-platform without informed consent, creating privacy, compliance, and credential-handling risk.

Vague Triggers

Medium, 76% confidence
Finding
The activation criteria are very broad and can trigger the skill for generic video-production or dubbing requests outside the user's intent. In an agent setting, overbroad invocation increases the chance of unnecessary third-party API use, file upload, account actions, and unintended processing of user media.

Natural-Language Policy Violations

Medium, 72% confidence
Finding
Defaulting the output language to Chinese without a clear opt-in can cause unintended disclosure, misprocessing, or user harm in multilingual contexts, especially when paid content is generated automatically. While not severe on its own, it can lead to incorrect content generation and unnecessary consumption of account credits.

Vague Triggers

Medium, 89% confidence
Finding
The description is extremely broad and trigger-oriented, covering many generic user intents such as video narration, dubbing, content creation, and automation. In an agent ecosystem, this can cause the skill to be invoked for requests beyond the user's actual intent, increasing the chance of unnecessary tool execution, unintended API calls, and exposure of user prompts or metadata to the external CLI/service.

VirusTotal

VirusTotal findings are pending for this skill version.
