ClawHub

Free Video Highlight Generator

Security checks across malware telemetry and agentic risk

Overview

This skill uses NemoVideo cloud APIs to process user-provided media into highlight clips, which is disclosed and aligned with its stated purpose.

Install only if you are comfortable sending selected videos, URLs, prompts, and basic session metadata to NemoVideo for cloud processing. Avoid confidential footage unless you trust the provider’s retention and privacy practices, and keep any NEMO_TOKEN private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The manifest markets the skill as a narrow highlight extractor, but the body documents a much broader remote editing and export surface, including overlays, track manipulation, and generic cloud rendering. This mismatch can mislead users and platform reviewers about the actual capability and data flows, increasing the chance of consent bypass and abuse of a more powerful backend than advertised.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The public description says uploads are limited to MP4, MOV, AVI, and WebM, while the documentation later claims support for many additional media types such as images and audio. This inconsistency broadens the effective attack surface and can cause users or reviewers to underestimate what content the remote service will ingest and process.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
Allowing arbitrary remote URL ingestion introduces a materially different risk than user-provided file upload, because the skill can instruct the backend to fetch attacker-controlled or unexpected network resources. In context, this is outside the stated highlight-extraction workflow and can enable privacy issues, unexpected third-party data transfer, and possible server-side request abuse depending on backend protections.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation examples and routing cues are broad enough to catch generic editing or export requests beyond the advertised function. Overly permissive trigger scope raises the chance of accidental activation and use of remote processing features when the user did not clearly intend to invoke this specific cloud skill.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill encourages users to drop footage into chat but does not clearly warn, at the point of use, that files are transmitted to a third-party cloud backend for processing. For a media skill handling potentially sensitive recordings, lack of prominent disclosure undermines informed consent and can expose private content to external services unexpectedly.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
The skill automatically detects and submits language during session creation without offering user choice or notice. While lower severity than the upload and URL-ingestion issues, this still sends additional user-derived metadata to the backend without explicit consent and may produce incorrect or privacy-sensitive inference.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal