ClawHub

Video Editing With Nas

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-editing skill that discloses remote rendering, but users should not treat it as local-only NAS processing.

Install this only if you are comfortable using nemovideo.ai as a cloud video editor. Uploaded clips, media URLs, edit prompts, and render/session metadata may be sent to the provider; avoid sensitive footage unless you trust its privacy, retention, and deletion practices. Use a dedicated token or the anonymous token flow when possible, and invoke the skill deliberately because its routing is broad.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill directs the agent to automatically mint anonymous tokens and create remote sessions with a third-party service before any user task is performed. This expands the skill's authority beyond simple local/NAS editing into autonomous external account creation and session establishment, which can expose user prompts, metadata, and uploaded media to a remote provider without clear, informed consent.

Description-Behavior Mismatch

Medium
Confidence
83% confidence
Finding
The marketing and manifest emphasize NAS-based editing without local download, but the implementation describes a generic cloud upload/render pipeline. This mismatch can mislead users into believing processing stays within their NAS context when clips, URLs, and edit instructions are actually transmitted to external infrastructure, creating privacy and trust risks.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The catch-all routing rule sends 'everything else' into the SSE editing action, causing a very broad set of user inputs to be forwarded to the remote backend. In a skill that can upload/process user media and maintain remote sessions, this increases the chance of accidental data disclosure, unintended remote actions, or prompt injection propagation to the third-party service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The setup flow instructs the agent to connect to a remote processing API, obtain tokens, and establish sessions, but the skill does not prominently warn users that their videos, prompts, and related metadata will be sent to cloud services. For a media-editing skill handling potentially sensitive personal content, lack of explicit disclosure materially increases privacy and consent risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal