Video analyze by doubao2.0

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but users should only use it for videos they are comfortable sending to Volcengine Ark for AI analysis.

Before installing, confirm you are allowed to send the target video or URL to Volcengine Ark, use a dedicated ARK API key where possible, watch provider costs and quota, and avoid the remote-download fallback for large, sensitive, private, copyrighted, or untrusted videos unless you explicitly approve it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The skill first says remote-video failures must not be retried with tools like web_fetch, but later instructs downloading the remote video into the workspace and processing it locally. This contradictory guidance can bypass the earlier safety restriction, leading the agent to fetch untrusted remote content anyway, which increases SSRF, unsafe download, and data-handling risks.

Missing User Warnings

Medium
Confidence: 91%
Finding
This script sends either a local video file or a remote video URL to a third-party AI service (Volcengine Ark) for processing, but it provides no explicit user-facing notice, consent check, or data-classification guard before transfer. Because videos can contain sensitive visual, biometric, or confidential information, silent transmission to an external service creates a real privacy and data-handling risk, especially in agent workflows where the caller may not realize off-device upload occurs.

VirusTotal

65/65 vendors flagged this skill as clean.
