ClawHub

video-translation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed video-dubbing skill, but it uses third-party TTS, voice cloning, and optional API-key storage that users should handle carefully.

Install only if you trust the external downloader, the Noiz TTS skill, and the Noiz service. Use this only for videos and voices you have permission to translate and clone, avoid persisting NOIZ_API_KEY in repository files, and choose a new output filename to prevent accidental overwrite.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill clearly performs file reads and writes, including downloading media, reading SRT files, writing translated subtitles, generating audio, and producing a final video, yet it declares no permissions. Missing permission declarations reduce transparency and informed consent, making it easier for an agent or user to invoke filesystem operations without understanding the scope of access.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to persist a user-provided NOIZ API key into a project .env file or tool config, creating a credential storage side effect unrelated to the core translation task. Persisting secrets in project files can expose them to source control, other tools, or later unintended reads, especially in shared or multi-agent workspaces.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The workflow explicitly enables voice cloning from the original speaker by slicing the video's audio and using it as a per-segment reference, but the skill description does not warn users that it is cloning a person's voice. This omission is significant because voice cloning raises impersonation, consent, and misuse risks that go beyond ordinary TTS behavior.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill sends subtitle text to a translation process and uses an external Noiz backend for TTS, potentially transmitting subtitle content and audio-derived reference data to third-party services, but it does not disclose that data leaves the local environment. Users may unknowingly expose copyrighted, sensitive, or personal content from videos when invoking the skill.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script invokes ffmpeg with the -y flag, which forces overwrite of the destination path without prompting. If an attacker or mistaken caller can control --output, existing files can be silently replaced, causing data loss or clobbering of arbitrary writable files; in this media-processing skill, the main risk is accidental overwrite rather than code execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal