ClawHub

Video Multi-Platform Publish

Security checks across malware telemetry and agentic risk

Overview

This looks like a local ffmpeg video-clipping/demo script, but it advertises real multi-platform publishing and analytics without the disclosures or safeguards those actions would need.

Review before installing. Treat this as a local ffmpeg clipping/demo utility, not a production-ready publishing system. Do not provide platform credentials or rely on it for public posting unless the publisher adds accurate documentation, clear authentication and data-flow disclosures, per-platform confirmation, and safe dry-run behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill advertises and demonstrates shell execution (`python ...`, package installation, network commands) while the documentation indicates no declared permissions. In an agent ecosystem, missing permission declarations can cause users or orchestration systems to approve or run a skill without understanding that it invokes local commands and external tooling, increasing the risk of unintended command execution.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The documentation substantially overstates functionality such as one-click publishing, analytics tracking, intelligent optimization, and platform integration, while the analyzed behavior appears limited or simulated. This mismatch is security-relevant because users may grant trust, credentials, or operational approval under false assumptions about what the skill really does, making social-engineering style misuse and unsafe deployment more likely.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill promotes publishing to multiple third-party platforms and collecting analytics without disclosing account access requirements, outbound data flows, or privacy consequences. Users may unknowingly expose video content, metadata, schedules, and account-linked analytics to external services, which is especially risky in an automation context.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The quick-start commands present immediate publish actions as routine examples without warning that execution could trigger public distribution to external platforms. In agent or copy-paste usage, this can lead to accidental publication of sensitive or unfinished content and unintended disclosure of account-linked information.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger list includes generic phrases such as "video publish", "multi-platform", and "一键发布", which can match broad, common user requests and cause the skill to activate outside its intended scope. In a skill that can automate clipping, optimization, and publishing workflows, overbroad activation increases the chance of unintended invocation, wrong-skill routing, and accidental execution of sensitive publishing-related actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal