ClawHub

Video To Markdown

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it needs Review because it asks agents to run unbundled relative scripts and use sensitive browser cookies/API keys without enough guardrails.

Install only if you are comfortable with video frames, transcripts, and metadata being sent to an external AI provider. Do not use it on confidential or private videos unless that is acceptable. Treat cookie files and ANTHROPIC_API_KEY as secrets, avoid printing or sharing them, and verify the referenced scripts come from the intended repository before running setup or analyzer commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger text is extremely broad and is designed to auto-activate on many ordinary video-related requests, including simply pasting a supported URL and asking what it is about. Overbroad invocation can cause the agent to run external tooling, process third-party content, and potentially incur cost or transmit data without sufficiently explicit user intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs use of authentication cookies for Facebook and Instagram but does not prominently warn that these cookies are sensitive credentials tied to the user's logged-in account. Mishandling or sharing exported cookies can enable account takeover, session hijacking, or unauthorized access to private content.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that frames and transcript are sent to Claude vision, but it does not present a clear privacy warning that video content, extracted images, and transcripts are transmitted to an external AI provider. Users may unknowingly expose copyrighted, sensitive, personal, or confidential content to a third party.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal