ClawHub

Shorts Editor Online

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a remote video-editing helper, but it may automatically create backend sessions and route broad prompts to a third-party service without clear user consent.

Install only if you are comfortable with prompts, media, runtime metadata, and anonymous session state being sent to the provider. Prefer a version that asks before first network use, explains what data is retained, and avoids sending ambiguous requests automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill is presented as a straightforward video editor, but it also silently provisions anonymous auth tokens and creates backend sessions on behalf of the user. That behavior expands the trust boundary to account-like state management and remote service interaction, which can surprise users and create privacy, consent, and misuse risks if they did not expect authentication and persistent session creation.

Context-Inappropriate Capability

Low
Confidence
78% confidence
Finding
The skill derives attribution headers from install-path and runtime metadata, including platform detection from local paths, even though that information is not necessary to edit a video. This introduces unnecessary environment inspection and metadata disclosure to the remote service, which weakens privacy and can aid fingerprinting of the user's setup.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The routing rule sends essentially all unmatched prompts to the SSE editing action, making ordinary or ambiguous user messages trigger remote processing. In a skill that uploads media and interacts with a backend, broad intent matching increases the chance of unintended network calls, unexpected edits, or accidental disclosure of user input to the service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to automatically connect, obtain an anonymous token if needed, and create a session before handling user requests, without a prominent user-facing consent step. This is dangerous because it initiates third-party network activity and account/session provisioning automatically, potentially exposing user metadata and creating service-side state without informed approval.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal