ClawHub

Iflytek Video Translate

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches a video-translation integration, but it includes an underdocumented command that can skip a manual transcript review step in the user's iFlytek workflow.

Install only if you are comfortable sending video URLs and related job metadata to iFlytek under the configured account. Treat confirm_transcript as privileged: do not let an agent run it automatically unless you intend to skip manual transcript review and continue downstream processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill metadata and top-level documentation advertise read/create operations, but the implementation also exposes confirm_transcript, which changes workflow state and explicitly skips manual review. This hidden capability increases the chance that an agent or user invokes a state-changing operation without understanding that it bypasses a human checkpoint.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The inline documentation and user-facing text frame the action as simple confirmation, but the code states it will skip manual intervention and optionally force rerun downstream processing. That misleading presentation can cause operators or autonomous agents to approve unreviewed transcript content, potentially propagating incorrect, unsafe, or policy-violating output into later translation and dubbing stages.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README describes submitting video translation tasks but does not clearly warn that video URLs and related task metadata are sent to iFlytek's third-party service. Users may unknowingly provide sensitive internal media links or metadata, creating privacy, compliance, or confidentiality risks in contexts where external transmission is restricted.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The README presents task listing as harmless but does not warn that listing all tasks may reveal historical job metadata associated with the user's account. In shared environments or demos, this can expose filenames, URLs, languages, timestamps, or other operational details that users may not expect to disclose.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages users to submit video URLs for processing by iFlytek but does not prominently warn that the referenced media and related metadata are sent to an external third-party service. This creates a privacy and data-governance risk, especially for confidential, proprietary, or personal video content.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The confirm_transcript action performs a sensitive workflow transition that skips manual review, yet there is no interactive confirmation, policy check, or safeguard to ensure the caller intended to bypass that control. In an agent context, this makes accidental or automated approval of unverified transcripts more likely, reducing human oversight over generated media content.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal