ClawHub

Manager Video

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-editing skill, but it automatically creates/uses NemoVideo sessions and tokens and sends user media to a third-party backend with limited upfront disclosure.

Install only if you are comfortable sending selected videos, prompts, and media URLs to NemoVideo’s cloud service. Prefer using a dedicated NEMO_TOKEN, avoid confidential or regulated recordings unless the provider’s privacy and retention terms are acceptable, and expect temporary service-side tokens, sessions, and render jobs during use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is presented as a video-editing tool for uploaded footage, but it also supports fetching content from arbitrary URLs and ingesting many non-video asset types. That broadens data ingress beyond the stated purpose and can enable unreviewed remote content retrieval, creating privacy, policy, and potential SSRF-like abuse surfaces depending on backend behavior.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill autonomously obtains anonymous tokens from a remote service and establishes a backend session before handling requests. That is security-relevant because it initiates external network access and credential acquisition without clear user awareness or a narrowly justified trust model, which can expose user metadata and enable service misuse under anonymously issued credentials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs itself to silently contact a remote service, generate a UUID client identifier, and obtain an anonymous token without telling the user. This undermines informed consent and can leak metadata such as generated identifiers, timing, and usage patterns to a third party before the user understands that cloud services are involved.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill encourages users to upload raw video footage and implies seamless processing, but it does not prominently warn that those files will be transmitted to a remote cloud backend. Because videos may contain sensitive internal meetings, faces, voices, screens, or confidential content, lack of disclosure creates a substantial privacy and data-handling risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal