ClawHub

Free Video Effects Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video-editing integration with some privacy-sensitive behavior users should understand before use.

Install only if you are comfortable using NemoVideo's cloud service for this workflow. Do not upload sensitive personal, confidential, or business media unless you trust that provider's privacy, retention, and account practices. Expect the skill to create or use a token/session, send editing prompts and selected media to the backend, and return rendered video URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest markets the skill as a narrow video-effects tool, but the body exposes broader media-editing, state inspection, audio/text manipulation, and multi-format handling capabilities. This scope mismatch can mislead users and orchestrators about what data and actions the skill may perform, weakening consent and making overbroad invocation or data exposure more likely.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to silently obtain anonymous auth tokens and create backend sessions before handling requests. Auto-authentication to a third-party service without explicit user consent expands the trust boundary, enables unreviewed network actions, and can transmit user metadata or content to an external system even when the user only asked for simple editing help.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The catch-all rule routes essentially every unmatched request to the SSE action, making the skill eligible for a very broad set of prompts beyond its stated purpose. In practice, this can cause accidental invocation, unintended transmission of user prompts to the remote backend, and misuse of the external service for tasks the user did not intend this skill to handle.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The suggested invocation phrases are broad everyday language and do not clearly signal that a third-party cloud video service will be used. Ambiguous triggers increase the risk of accidental activation and may cause users to share files or prompts without understanding the remote processing involved.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill omits a clear up-front warning that user media, prompts, and session data are sent to a remote cloud service for processing. Because this skill handles potentially sensitive uploaded videos and associated metadata, lack of disclosure undermines informed consent and can expose personal or proprietary content to third-party infrastructure unexpectedly.

Natural-Language Policy Violations

Medium
Confidence
82% confidence
Finding
Hard-coding the session language to English without user choice can alter prompt meaning, reduce accuracy for non-English users, and create privacy/consent issues if user content is implicitly normalized or translated. While not a direct exploit primitive, it is an unsafe default that can lead to unintended processing outcomes in a multilingual context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal