ClawHub

Video Editor Transitions

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-editing skill that sends selected media and edit prompts to Nemo Video for processing, with no local executable code or hidden install behavior found.

Install this only if you are comfortable sending your video files, URLs, edit prompts, and generated project state to Nemo Video's cloud service. Use a dedicated Nemo token where possible, avoid uploading sensitive or third-party footage without permission, and confirm ambiguous requests before letting the skill process or export media.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is presented as a narrow transition-editing tool, but the instructions expose substantially broader capabilities including remote media ingestion by URL, audio/text editing, state inspection, credits queries, and generic timeline manipulation. That mismatch can mislead users and host systems about what data and actions the skill may perform, increasing the chance of over-broad invocation and unexpected transmission of user content to the backend.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The catch-all rule routes 'everything else' to the SSE editing path, which can cause loosely related or ambiguous user messages to trigger backend editing actions. In a skill that uploads media and sends prompts to a remote service, broad routing increases the risk of unintended processing, privacy surprises, and accidental modification/export workflows.

Vague Triggers

Medium
Confidence
80% confidence
Finding
Phrases like 'Share your video clips and I'll get started' and broad example triggers encourage activation without clearly bounding what will happen next. Overly permissive invocation language can cause users to initiate backend connections or uploads before understanding that remote processing and session creation will occur.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Although the document later mentions server-side rendering, the skill description does not clearly warn up front that uploaded videos, prompts, and possibly URLs are sent to a remote backend service. This is a privacy and transparency issue because users may provide sensitive media under the impression that editing is local or more limited than it is.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
Creating sessions with a hard-coded language of 'en' without user choice can lead to misprocessing of non-English requests and unintended transmission of content under incorrect localization assumptions. While not a direct code execution risk, it can degrade correctness, user consent, and safe handling for multilingual prompts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal