Video Compressor 8mb

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud video compression skill, but it also gives broad remote video editing authority beyond its simple 8MB compressor description.

Install only if you intend to use NemoVideo's cloud service and are comfortable sending selected videos, prompts, session data, and token-authenticated requests to that backend. Review prompts before use, avoid sensitive recordings, and require explicit user confirmation before uploads, edits, exports, or credit-consuming actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill is presented as a narrow 8MB video compressor, but the implementation guidance exposes a much broader remote video editing and rendering backend with chat-driven edits, timeline manipulation, credits, state inspection, and export workflows. This scope expansion is dangerous because users and calling agents may grant trust, files, and credentials under the assumption of simple compression while the skill can perform materially different cloud operations and route arbitrary prompts into a general editing pipeline.

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The documented capabilities include general video generation/editing, media composition, overlays, audio tracks, and SSE-driven command execution that exceed the declared purpose of compressing a video to 8MB. This creates a deceptive capability boundary: a host may auto-enable the skill for low-risk compression use while unintentionally exposing users' media and prompts to a far more powerful cloud editing system.

Vague Triggers

Medium
Confidence: 88%
Finding
The phrase "Or just tell me what you're thinking" is an overly broad invocation cue that can cause accidental activation from ordinary conversation unrelated to video compression. In an agent environment, this kind of loose trigger increases the chance that unrelated user input gets sent to the external backend, causing unintended data disclosure or unexpected remote actions.

Vague Triggers

Medium
Confidence: 97%
Finding
The routing rule "Everything else" to SSE is effectively a catch-all that forwards arbitrary prompts into a remote chat/edit pipeline without clear scope limits. This is especially risky because the same document instructs the skill to interpret GUI-like commands and execute backend actions, so unrelated or sensitive user text could trigger external processing or unintended state changes.

VirusTotal

65/65 vendors flagged this skill as clean.
