Add Subtitle

Security checks across malware telemetry and agentic risk

Overview

This is a real cloud subtitle/video tool, but it is broader and easier to trigger than its subtitle-focused description suggests.

Review before installing. Use this only if you are comfortable sending media files, URLs, and edit instructions to Nemovideo's cloud service and letting the agent use or create a NEMO_TOKEN. For safer use, require explicit confirmation before setup, upload, URL import, SSE edit requests, and export; avoid confidential or unpublished media unless you trust the provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill is presented as a simple subtitle generator, but the instructions expose a much broader remote video editing and export pipeline, including generic edits, overlays, audio manipulation, and multiple media types. This scope mismatch can mislead users and host systems about what data and capabilities are actually being delegated to the external service, increasing the risk of unintended processing or overbroad permission use.

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
Allowing URL-based uploads lets the external service fetch arbitrary remote content, which expands the trust boundary beyond user-supplied local video files. This can enable misuse such as importing unintended third-party content, accessing internal or sensitive URLs if not constrained by the backend, or surprising users who expect only direct file uploads for subtitle generation.

Vague Triggers

Medium
Confidence: 77%
Finding
The phrase "Or just tell me what you're thinking" is broad enough to match ordinary conversation, increasing the chance that the skill is invoked when the user did not intend to start cloud media processing. In this skill, accidental invocation is more concerning because first interaction triggers authentication/session setup with an external service and may lead to data being sent off-platform.

Vague Triggers

Medium
Confidence: 73%
Finding
Example triggers like "export 1080p MP4" are underspecified and could match unrelated requests outside the subtitle workflow. Ambiguous routing increases the chance of activating this skill unexpectedly, though the security impact is somewhat lower than direct data-handling flaws because it mainly affects invocation reliability and user intent clarity.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description emphasizes convenience and performance but does not clearly warn that user videos, prompts, and session data are sent to a third-party cloud processing service. This lack of upfront disclosure undermines informed consent and is especially risky for potentially sensitive or unpublished video content.

VirusTotal

60/60 vendors flagged this skill as clean.
