ClawHub

Subtitle Generator Chrome

Security checks across malware telemetry and agentic risk

Overview

This skill appears to send user videos to a cloud video backend and gives the agent broader editing and export authority than a subtitle-only tool clearly implies.

Install only if you are comfortable sending videos and prompts to the NemoVideo-style cloud backend. Treat it as a general cloud video editor, not just a subtitle tool, and avoid using it with private, regulated, copyrighted, or client-sensitive media unless the service terms and retention practices are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is presented as a subtitle generator, but the instructions authorize much broader cloud-based video editing, rendering, export, and session orchestration. This scope mismatch can mislead users and host systems into sending content and commands to remote services for operations beyond what the skill name and description reasonably imply, increasing the chance of unintended data handling and privilege overreach.

Context-Inappropriate Capability

Low
Confidence
83% confidence
Finding
The skill includes token acquisition, session management, credit balance inspection, and export entitlement handling that go beyond a narrow subtitle-generation function. Even if operationally useful, these account-related capabilities expand access to user-linked service state and billing context without being clearly justified by the stated purpose, violating least-privilege expectations.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The example invocation language is broad and generic enough that the skill may activate on loosely related video-generation or editing requests. Overbroad triggering can cause accidental routing of user prompts and files to this external service, leading to unintended remote processing and data disclosure.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The catch-all rule routing 'Everything else' to SSE creates an overly broad execution path for arbitrary editing requests. This substantially increases the chance that unrelated user input will be forwarded to the remote backend, expanding data exposure and making the skill behave like a general-purpose cloud editor rather than a narrowly scoped subtitle tool.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill does state that processing runs on remote GPU nodes, but it does not provide a sufficiently clear upfront warning in the main description or invocation flow that uploaded video files are transmitted to third-party cloud services. Because videos may contain sensitive personal, commercial, or copyrighted material, insufficient disclosure undermines informed consent and creates privacy risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal