Weixin Video

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-formatting skill: users should know that the media they select and the edit prompts they write are sent to NemoVideo for processing.

Install only if you are comfortable sending the videos, audio/images, edit instructions, and related session metadata you provide to mega-api-prod.nemovideo.ai. Avoid sensitive private media unless you trust that provider, and, where possible, use a token dedicated to this skill rather than one shared with other services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch
Medium (90% confidence)
Finding: The skill markets itself as a simple WeChat video formatter, but the documented behavior exposes a much broader remote editing surface including timeline edits, overlays, audio handling, state inspection, and export orchestration. This capability mismatch can mislead users and host systems about what the skill may do with uploaded media, increasing the chance of overbroad data handling and unintended actions.

Context-Inappropriate Capability
Low (84% confidence)
Finding: The skill derives local install-platform information from its filesystem install path and transmits it as an attribution header, even though that metadata is not necessary for basic video formatting. Transmitting unnecessary environment-derived data increases fingerprinting and privacy exposure, especially when it travels alongside authentication and session identifiers.

Vague Triggers
Medium (87% confidence)
Finding: Routing 'everything else' to the SSE editing action creates an overly permissive trigger that can capture unrelated or ambiguous user requests and send them to a remote backend. In a skill that accepts free-form prompts and uploaded media, this broad fallback increases the risk of unintended remote processing and scope creep beyond user expectations.

Missing User Warnings
Medium (93% confidence)
Finding: The skill instructs the agent to upload user videos to a cloud backend and create authenticated sessions, but it does not clearly warn users that their media will leave the local environment. For user-generated videos, this omission creates a meaningful privacy and consent risk because sensitive visual/audio content may be transmitted to a third-party service unexpectedly.
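The three behavioral findings above (the catch-all trigger, the install-path attribution header, and the absence of a consent step before upload) share one remediation shape: gate every outbound request on an explicit intent match, on user consent for media leaving the machine, and on an allow-listed header set. The following is an added example of such a gate, written for this page; it is not the Weixin Video skill's code, not SkillSpector's, and it assumes hypothetical intent patterns, header names (`X-Install-Platform`, `X-Install-Path`, `X-Client-OS`) and a `build_request` API. The real header names used by the skill are not given on this page.

```python
"""
Hypothetical request gate for a cloud video-editing skill (added example,
not the skill's or the scanner's code). It models three mitigations:
  1. an explicit intent allow-list instead of an 'everything else' fallback,
  2. a consent check before any media leaves the local environment,
  3. stripping environment-derived attribution headers from the request.
Intent patterns, header names and the RemoteRequest shape are assumptions.
"""
from dataclasses import dataclass
import re

# Intents that legitimately need the remote editing backend. A prompt that
# matches none of them is refused, not routed to a catch-all editing action.
INTENTS = {
    "format": re.compile(r"\b(format|resize|crop|aspect|vertical|9:16)\b", re.I),
    "trim": re.compile(r"\b(trim|cut|shorten|clip)\b", re.I),
    "overlay": re.compile(r"\b(overlay|caption|subtitle|watermark)\b", re.I),
}

# Assumed header names that would carry install-platform or host
# fingerprinting data. None of them is needed to format a video.
FINGERPRINT_HEADERS = {"x-install-platform", "x-install-path", "x-client-os"}


@dataclass
class RemoteRequest:
    intent: str
    media: list
    prompt: str
    headers: dict


def classify(prompt: str):
    """Return the matched intent name, or None. There is no fallback branch."""
    for name, pattern in INTENTS.items():
        if pattern.search(prompt):
            return name
    return None


def strip_fingerprint_headers(headers: dict) -> dict:
    """Drop environment-derived attribution headers; keep auth and content headers."""
    return {k: v for k, v in headers.items() if k.lower() not in FINGERPRINT_HEADERS}


def build_request(prompt: str, media: list, headers: dict, user_consented: bool):
    """
    Decide whether a request may be sent to the remote backend.
    Returns (RemoteRequest, "ok") or (None, reason) when the request is held.
    """
    intent = classify(prompt)
    if intent is None:
        return None, "unrecognized request; not forwarding to the remote backend"
    if media and not user_consented:
        return None, "media would leave the local environment; ask the user first"
    return RemoteRequest(intent, list(media), prompt, strip_fingerprint_headers(headers)), "ok"


if __name__ == "__main__":
    # Constructed sample inputs for a local run.
    headers = {"Authorization": "Bearer example-token", "X-Install-Platform": "cli-host"}
    for prompt, media, consent in [
        ("make this 9:16 for WeChat", ["clip.mp4"], True),
        ("trim to the first 15 seconds", ["clip.mp4"], False),
        ("what is the weather today", [], True),
    ]:
        req, reason = build_request(prompt, media, headers, consent)
        print(f"{prompt!r}: {reason}" + (f" -> {req.intent}, headers={list(req.headers)}" if req else ""))
```

The design point is the absence of an `else` branch in `classify`: a request the skill cannot name is never the remote backend's problem to interpret. The consent check is deliberately tied to the presence of media rather than to the intent, so a text-only status query can proceed while any upload waits for an explicit yes.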

VirusTotal

63/63 vendors reported this skill as clean (no detections).
