ClawHub

Subtitle Translator Free

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud subtitle/video processor, but its instructions allow broader media editing and broad prompt forwarding than its subtitle-translator framing suggests.

Install only if you are comfortable sending selected videos, images, audio, URLs, and free-form editing instructions to NemoVideo's cloud backend. Avoid private or sensitive media unless you have reviewed the provider's privacy and retention practices, and keep NEMO_TOKEN private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill is presented as a subtitle-translation utility, but the documented routing and backend capabilities expand it into a general-purpose video editing/export tool. This scope mismatch can cause users and calling agents to disclose files or issue commands under a narrower trust assumption than the skill actually uses, increasing the chance of unintended data handling and overbroad invocation.

Description-Behavior Mismatch

Low
Confidence
79% confidence
Finding
The accepted input list includes images and standalone audio files even though the skill is marketed as a video subtitle translator. This discrepancy can mislead users and orchestrators about what data types may be uploaded to the cloud backend, creating unnecessary data exposure and expanding the attack surface beyond the declared use case.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill embeds generalized cloud rendering, editing, export, and state-management workflows unrelated to a narrowly described subtitle-translation function. This creates capability creep: an agent may route arbitrary editing requests and transmit more user content and instructions to a remote service than users expect, which is risky in a file-processing skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
Routing 'Everything else' to this skill makes it a catch-all handler for unmatched requests, which can cause accidental invocation on unrelated prompts. In a skill that uploads user media and sends instructions to a cloud backend, overly broad matching materially raises the risk of unintended data transfer and unexpected actions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Telling users to 'just describe what you're after' invites free-form requests well beyond the skill's stated purpose. In combination with the backend routing and broad capabilities, this increases the chance the skill will collect media or act on vague requests without users understanding the cloud processing scope.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The top-level description omits an upfront disclosure that user files and instructions are sent to a third-party cloud backend. For a media-processing skill handling potentially sensitive video/audio content, this lack of transparency undermines informed consent and can lead to privacy and compliance issues if users assume local-only processing.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal