ClawHub

Editor Ai Easy

Security checks across malware telemetry and agentic risk

Overview

This appears to be a cloud video-editing skill, but its media upload, remote fetching, and broad backend routing need review before users send private footage.

Install only if you are comfortable sending the selected media, prompts, and any remote URLs to the provider’s cloud backend. Avoid private, biometric, confidential, or copyrighted footage unless the provider’s retention and privacy terms are acceptable, and require explicit confirmation before uploads or remote URL fetching.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest frames the skill as editing uploaded video footage, but the documented upload path also supports arbitrary remote URLs and a much broader set of media types, including non-video assets. This expands the skill's effective capability beyond the disclosed purpose, creating a scope mismatch that can lead to unintended remote fetching, privacy issues, and user surprise about what content is being imported and processed.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The startup prompt and suggested phrases are broad enough that the skill may activate on loosely related editing/export language without clear confirmation that the user intended to invoke this specific cloud-backed workflow. Unintended activation is riskier here because the skill can create sessions, acquire anonymous tokens, and begin processing user media on a third-party backend.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The catch-all routing rule sends "everything else" to the SSE action, which effectively grants broad backend interaction for any unmatched prompt. In a skill that can manipulate remote state and process uploads, ambiguous routing increases the chance of unintended operations, data transmission to the backend, and user confusion about what commands will be executed.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill sends user media to a cloud processing backend and may also create anonymous tokens and remote sessions, but the user-facing description does not clearly warn that files leave the local environment for third-party processing. This omission is especially important for video content, which often contains sensitive personal, biometric, location, or copyrighted material.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal