Video Trimmer Flutter

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a legitimate cloud video-editing helper, but its remote API routing is broader than a simple trimmer and could send ambiguous prompts or media-editing instructions to NemoVideo without tight scoping.

Review before installing. Use it only if you are comfortable sending selected videos, images, audio, editing prompts, and timeline state to NemoVideo's remote service. Avoid confidential or regulated media unless you trust the provider's data handling, and treat NEMO_TOKEN as a private credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding:
The skill advertises simple video trimming/export, but the documented behavior expands into broader media editing capabilities including text overlays, audio tracks, and handling of image/audio assets. This scope mismatch can mislead users about what data and actions are in play, increasing the chance that users provide more sensitive content than they intended or that the skill is invoked for broader operations than expected.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding:
The getting-started prompt says to share clips or even just say what the user is thinking, which is broad enough to activate the skill from casual conversation rather than deliberate editing intent. In a skill that automatically connects to a remote API on first interaction, overly broad invocation language raises the risk of unintended session creation and accidental transmission of user content.

Vague Triggers

Severity: Medium
Confidence: 94%
Finding:
The catch-all rule routes 'Everything else' to the SSE backend, so any prompt that matches no specific feature is forwarded to a remote processing service. This is dangerous because ambiguous or unrelated user messages may be sent to the vendor backend without a clear, feature-specific trigger or explicit user consent.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
Although the document later mentions remote GPU processing, the skill description and early user-facing setup do not prominently warn that uploaded media and editing instructions are sent to third-party remote services. Users may reasonably assume local or minimally scoped processing, so the lack of upfront disclosure creates a privacy and consent risk.

VirusTotal

66/66 vendors flagged this skill as clean.