ClawHub

How To Become Content Creator

Security checks across malware telemetry and agentic risk

Overview

This video-editing skill is purpose-aligned, but it gives broad instructions to send prompts and media to a cloud backend with weak activation boundaries and limited privacy detail.

Install only if you trust the NemoVideo backend and are comfortable sending prompts and media files to it. Avoid uploading private screen recordings, confidential audio, or personal footage unless you have reviewed the provider's privacy and retention terms, and confirm the exact files and export actions before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill invites activation from very generic language like sharing clips or describing what the user is thinking, which can cause unintended invocation during normal conversation. Because the skill can initiate authenticated network actions and create remote sessions, accidental triggering increases the chance of unintended uploads, session creation, or backend interaction without clear user intent.

Vague Triggers

Medium
Confidence
95% confidence
Finding
Example trigger phrases such as "create my raw video clips" and the incomplete phrase "trim pauses, add intro text, and" are too vague and overlap with ordinary user language. In an agent environment, such ambiguous examples can encourage overmatching and cause the skill to activate when the user did not intend to invoke a cloud video-processing workflow.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The routing table includes a catch-all rule that sends everything else to the SSE editing path, effectively treating many unrelated prompts as commands for the remote backend. This is especially risky because the SSE path can transmit arbitrary user text to an external service and mutate project state, so overbroad routing materially increases the chance of unintended data disclosure and unauthorized actions.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal