Viral Video Replicator

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for video analysis, but it asks users to provide cloud secrets in chat and sends media/audio to external services without enough privacy and scoping guidance.

Install only after reviewing the data flow. Use temporary or least-privilege Volcano/TOS/ASR credentials, avoid pasting long-lived secret keys into chat when your environment offers a secret store, and process only media you have rights and consent to analyze. Expect selected frames, optional audio, transcripts, and presigned storage URLs to leave your local machine for cloud processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Medium
Confidence: 80%
Finding
The README uses broad natural-language activation examples such as 'analyze this video' and 'replicate this viral video', which can overlap with ordinary user requests and cause the skill to trigger in contexts the user did not explicitly intend. Because this skill processes reference videos, may invoke local tools, and may send content to external APIs, accidental invocation increases privacy and data-handling risk.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README describes uploading and transcribing reference videos via cloud APIs and object storage, but does not provide explicit warnings about privacy, third-party processing, consent, retention, or handling of copyrighted/competitor content. In this skill's context, users may submit videos containing faces, voices, or proprietary marketing material, so the omission materially raises the risk of unauthorized disclosure or non-compliant processing.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill asks users to provide highly sensitive cloud credentials, including access key and secret key, directly in conversation, without any warning about secure handling, scoping, retention, or least privilege. This creates a real risk of credential theft, accidental logging, overbroad account compromise, and misuse beyond the immediate task.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill describes uploading extracted audio to cloud storage and ASR services but does not clearly warn users that media content, speech, and potentially third-party personal data will be transferred off-device. This can lead to privacy violations, regulatory issues, and unexpected disclosure of sensitive or copyrighted content.

Missing User Warnings

Medium
Confidence: 89%
Finding
The document instructs the agent to upload audio to TOS and provide a presigned URL to an external ASR endpoint, but it does not mention user consent, disclosure, data retention, or handling of potentially sensitive speech content. In a video-analysis skill, uploaded audio may contain personal conversations, biometric voice data, or confidential information, so silent third-party transmission creates a real privacy and compliance risk.

Ssd 3

Medium
Confidence: 96%
Finding
The workflow operationalizes collection and handling of sensitive credentials as part of normal chat interaction, which is dangerous because conversational channels may be logged, retained, or exposed to unintended parties. Combining API keys, ASR tokens, and storage credentials materially increases the blast radius if any one transcript or session is compromised.

Ssd 3

Medium
Confidence: 97%
Finding
The clarification flow explicitly instructs the agent to solicit cloud credentials in conversation, normalizing unsafe secret-sharing behavior. This is dangerous because users may paste privileged credentials into chat, where they can be logged, replayed, or mishandled, leading to unauthorized access to storage, models, and audio-processing infrastructure.

Ssd 3

Medium
Confidence: 88%
Finding
Returning raw transcripts and frame materials as a fallback can unnecessarily expose personal data, copyrighted media, biometric information, or third-party speech/content that was only supplied for analysis. In degraded modes, this increases the chance of over-disclosure because the skill defaults to sharing underlying artifacts rather than minimizing output.

VirusTotal

64/64 vendors flagged this skill as clean.
