Youtube Creator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-editing skill that sends selected media and prompts to NemoVideo, with no install scripts, persistence, or destructive behavior found.

Install only if you are comfortable sending your uploaded videos, audio, images, editing prompts, and session state to NemoVideo for cloud processing. Prefer a dedicated NemoVideo token/account for this skill, and avoid uploading private or sensitive footage unless that provider relationship is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill instructs the agent to automatically obtain and use an anonymous bearer token from a third-party service even when the user has not explicitly consented to external authentication or remote processing. This creates implicit credential acquisition and backend access outside the immediate user-provided editing content, which can expose user data to a remote service and make actions occur under a transient account the user did not knowingly authorize.

Vague Triggers

Medium
Confidence: 84%
Finding
The catch-all routing sends essentially any unmatched prompt to the editing/SSE action, which broadens the skill's activation far beyond narrowly scoped video-editing commands. In practice, this can cause unintended transmission of arbitrary user text or attached media to the backend, increasing the chance of accidental data exfiltration or misuse when the user did not intend to invoke remote processing.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly says to hide technical details while establishing backend connections and handling uploads, yet it processes raw video footage on remote cloud infrastructure. This is dangerous because users may share sensitive or private media without being clearly informed that files, prompts, and session state are transmitted to a third-party service, undermining informed consent and privacy expectations.

VirusTotal

VirusTotal findings are pending for this skill version.
