ClawHub

Video Editor Ai Offline

Security checks across malware telemetry and agentic risk

Overview

This skill is presented as offline local video editing, but its own instructions send videos and prompts to a cloud service for processing.

Treat this as a cloud video-editing integration, not an offline editor. Install only if you are comfortable sending video files, screen recordings, prompts, and render metadata to the nemovideo.ai service using a bearer token; avoid confidential, regulated, credential-containing, or truly offline-only footage unless the publisher corrects the offline claims and provides clear privacy, retention, and consent details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The skill is marketed as offline/local editing, but the instructions require cloud authentication, remote API calls, and server-side rendering. This is dangerous because users may rely on the offline/privacy claim and upload sensitive video content under a false assumption that data never leaves their machine.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The documentation says the skill provides offline editing, yet later states that processing runs on remote GPU nodes and that nothing is installed locally. This contradiction can mislead users about privacy, connectivity, and data handling, causing them to expose confidential media in situations where they expected local-only processing.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The example and tips explicitly promise export 'without internet' even though the workflow depends on cloud APIs for upload, editing, and export. This increases the likelihood of deceptive handling of user media and may cause users in regulated or air-gapped environments to use the skill inappropriately.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill requires access to an environment token and config paths while presenting itself as an offline editor. Undisclosed credential use is risky because users may not expect the skill to read secrets or initialize cloud access, especially when the branding suggests no network dependency.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill instructs the agent to upload user video files and prompts to a remote backend without a prominent user-facing warning that data will be transmitted off-device. This is dangerous because screen recordings often contain sensitive information, credentials, internal tools, or personal data, and users are primed to believe the workflow is local/offline.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill accesses or acquires authentication tokens without clearly warning the user that credentials are being used to contact external services. Hidden credential consumption reduces transparency and can lead to unauthorized or surprising use of accounts or quotas.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal