ClawHub

Francais Editor Ai

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video-editing workflow, but users should understand that media and prompts are sent to an external service.

Install only if you are comfortable sending videos, prompts, and related media to the nemovideo.ai cloud service for processing. Avoid sensitive personal, confidential business, biometric, or location-revealing footage unless you trust that service's privacy and retention practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest and user-facing description constrain accepted inputs to a small set of video formats, but the operational documentation expands support to many additional media and image types. This mismatch can cause users, reviewers, or policy layers to underestimate what content the skill will process, weakening input-validation expectations and enabling unintended handling of non-video content.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as operating on user-uploaded footage, but it also supports ingesting arbitrary remote URLs. Allowing URL-based fetches materially changes the trust boundary because backend infrastructure may retrieve attacker-controlled resources, creating SSRF-like, malware-ingest, or unreviewed third-party content risks that users are not clearly warned about.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The example prompts are broad enough that the skill may activate on generic editing requests rather than clearly scoped, user-intended invocations. Over-broad triggering increases the chance that unrelated media tasks are routed to this external cloud workflow, potentially sending content to a third party without sufficiently specific user intent.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The routing table sends 'Everything else' to the SSE editing path, creating an effectively catch-all activation rule. In a skill that can upload media, create sessions, and trigger remote processing, this broad dispatch materially raises the risk of unintended external actions and data transfer from ambiguous user requests.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill description emphasizes convenience but does not clearly warn users that their media is transmitted to and processed on a cloud backend. For potentially sensitive user videos, lack of upfront disclosure undermines informed consent and increases privacy and data-governance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal