Security audit

Video Recommendation

Security checks across malware telemetry and agentic risk

Overview

This appears to be a video recommendation skill whose personalization behavior is expected for its purpose, with some privacy and routing caveats but no evidence of harmful behavior.

Install only if you are comfortable with a recommendation skill using the current conversation to tailor video suggestions. Avoid sharing private details unless you want them considered in recommendations, and ask it to ignore prior context when you want neutral results.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium (95% confidence)

The trigger phrases are broad, generic requests like 'what should I watch?' and 'recommend some videos,' which can cause the skill to activate for common conversational intents without sufficient specificity. This increases the chance of overreach or incorrect routing, leading the agent to invoke browsing/link-gathering behavior when a simpler answer or different skill would be more appropriate.

Natural-Language Policy Violations

Medium (88% confidence)

The skill explicitly instructs the agent to infer and use a user's language preference from context, but it does not require an explicit user choice or opt-in. That creates a privacy and autonomy risk because the system may profile the user from conversational signals and act on inferred sensitive preferences without transparency or consent.

Missing User Warnings

Low (90% confidence)

The sample run explicitly says recommendations are based on 'what we've been talking about lately,' which implies use of prior conversation context without any notice, consent cue, or boundary on what recent chat data may be used. While this is presented as example behavior rather than code, it normalizes context-sensitive profiling and could lead users to disclose more or be surprised that chat history is being mined for recommendations.

Missing User Warnings

Low (92% confidence)

The prompt 'Based on my recent chat' encourages analysis of prior chat history but provides no warning about privacy implications, retention boundaries, or what scope of conversation is considered. In a recommendation skill, this can cause unanticipated use of personal context and create a misleading expectation that silent history access is normal and safe.

VirusTotal

65/65 vendors flagged this skill as clean.