Searchables Video Intelligence

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent video-analysis integration, but it gives itself overly broad permission to search a user's private indexed video library for loosely related or general questions.

Install only if you trust the Searchables desktop app and local API with your video library, local file paths, browser-login-backed YouTube/Bilibili access, and optional Notion exports. Keep the API on localhost unless you intentionally trust another host, and require explicit user confirmation before searching private library content, processing local files, spending credits, or exporting transcripts/notes to Notion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 77%
Finding
The skill markets itself as replacing web search for all video-related queries, but it also exposes unrelated export functionality to a third-party service (Notion). That scope expansion increases the chance an agent invokes capabilities the user did not reasonably expect, causing unnecessary transmission of derived content and metadata outside the local video-analysis context.

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
Exporting summaries, subtitles, notes, and articles to Notion sends potentially sensitive video-derived data to a third-party platform. In a video-search skill, this is privacy-relevant functionality that can expose private library contents, transcripts, or user notes if invoked without strong, explicit consent and data-minimization controls.

Vague Triggers

Medium
Confidence: 86%
Finding
The activation text is broad enough to trigger the skill for generic mentions of videos, which can cause unnecessary calls to local services and broaden data exposure beyond user intent. Over-broad invocation rules are risky because they increase the chance of processing local library data or URLs when the user only wanted general discussion.

Vague Triggers

Medium
Confidence: 88%
Finding
The instruction to always use this skill for any mention of video content is overly expansive and can force unnecessary use of the local API even when not needed. That increases privacy risk and can lead to unintended data handling, especially because the skill also supports processing local files and querying account/platform state.

Vague Triggers

Medium
Confidence: 91%
Finding
The proactive instruction to consider video search for answering any question creates an excessively broad activation scope and encourages background inspection of the user's video library. In context, this is more dangerous because the skill can search local indexed content and connect to external services, so unnecessary invocation can reveal private viewing history, transcripts, or inferred interests.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill does not disclose up front that local file paths, video metadata, transcripts, and possibly subtitles may be transmitted to a local API and potentially onward to associated services. Users may reasonably interpret this as local-only analysis, so the lack of early disclosure undermines informed consent around sensitive media and filesystem information.

VirusTotal

64/64 vendors flagged this skill as clean.
