Ai Wechat Video

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent cloud video-editing integration, but users should understand that selected videos, prompts, and render metadata go to NemoVideo for processing.

Install only if you are comfortable sending the videos, URLs, prompts, and render metadata you choose to NemoVideo's cloud service. Avoid confidential media unless you trust that provider, and use a dedicated NEMO_TOKEN where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (93% confidence)
Finding
The routing rule sends essentially all unmatched prompts to the SSE backend, which can cause over-broad activation of the skill and unintended transmission of user requests to a remote service. In a media-processing skill that can upload content and create backend sessions, this increases the chance of privacy-impacting misroutes and accidental execution on irrelevant prompts.

Missing User Warnings

Medium (97% confidence)
Finding
The skill instructs users to upload video clips and immediately connects to a third-party backend, but it does not clearly warn that media and prompt content will be sent to remote cloud services. This undermines informed consent and can expose sensitive video, audio, or embedded personal data to external processing without an explicit disclosure.

Missing User Warnings

Low (87% confidence)
Finding
The skill silently uses an environment-provided token or acquires an anonymous token to access the backend, without disclosing that authenticated backend access is occurring on the user's behalf. While this is not direct credential exfiltration, the lack of transparency can mislead users about account, quota, and identity implications tied to backend requests.

VirusTotal

64/64 vendors flagged this skill as clean.
