Video Analyzer (TikTok + YouTube + Instagram)

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it stores video transcripts locally by default even though the user-facing flow presents saving as optional.

Review before installing. Expect the skill to download media audio, install local transcription dependencies, and write transcripts under the skill directory even before you explicitly choose to save them. Prefer an update that makes retention truly opt-in, sanitizes saved filenames, and avoids passing raw transcript JSON through shell arguments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Medium
Confidence: 97%
Finding
The script constructs the output path from the user-controlled video_id without validating or constraining it to a safe filename. An attacker can supply path traversal sequences such as '../' or absolute paths to cause the program to write JSON outside the intended transcripts directory, potentially overwriting arbitrary files writable by the current user.

Vague Triggers

Severity: Medium
Confidence: 94%
Finding
The activation criteria are broad enough to trigger on common phrases like "summarize this" or "what is this about," especially when combined with many supported domains and references to previously saved videos. That increases the chance of the skill auto-activating in contexts where the user did not intend to download external content or access local transcript history, which can lead to unintended network access, local file reads, and confusing or privacy-impacting behavior.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The description says the skill can analyze a video from a URL, but it does not clearly disclose that it will download third-party media, transcribe content locally, and persist transcripts on disk for later retrieval. This missing disclosure is risky because users may unknowingly trigger external downloads and local data storage involving potentially sensitive audio content, creating privacy, consent, and data-retention concerns.

VirusTotal

66/66 vendors flagged this skill as clean.