autoshorts

Security checks across malware telemetry and agentic risk

Overview

AutoShorts is a video-clipping and social-publishing workflow that openly discloses its cloud uploads and credential use; its sensitive actions are purpose-aligned and user-gated.

Install only if you are comfortable storing Gemini and Upload-Post credentials locally, sending source videos and transcripts to Gemini, sending approved clips and metadata to Upload-Post, and retaining local clip history and analytics. Keep the dry-run and approval steps enabled, verify the target Upload-Post profile before publishing, and periodically clear local learning/history files if retention matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill declares no permissions despite clearly requiring shell execution, filesystem access, environment-variable handling, and network calls to Gemini and Upload-Post. This under-disclosure is dangerous because users and harnesses may authorize or invoke it without understanding that it can read/write local files, transmit data off-box, and use stored secrets.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 88%
Finding: The stated purpose suggests a relatively narrow one-video clip creation flow, but the instructions also implement persistent state tracking, repeated reprocessing across cycles, analytics retrieval, learning from publication history, and preference inference. That mismatch matters because users may consent to basic editing while unknowingly enabling ongoing profiling, retention, and external data processing beyond the advertised scope.

Vague Triggers

Severity: Medium
Confidence: 81%
Finding: The invocation wording is broad enough to trigger on generic video-editing or clip-generation requests, which could cause the agent to launch a networked, file-writing, and publishing-oriented workflow unexpectedly. In this skill's context, over-triggering is more dangerous because the workflow handles API keys, processes user media, and can ultimately schedule social posting.

Vague Triggers

Severity: Low
Confidence: 81%
Finding: The invocation wording is broad enough to trigger on generic video-editing or clip-generation requests, which could cause the agent to launch a networked, file-writing, and publishing-oriented workflow unexpectedly. In this skill's context, over-triggering is more dangerous because the workflow handles API keys, processes user media, and can ultimately schedule social posting.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The analyze command uploads full video content to the Gemini Files API with no runtime disclosure or consent check. In a media-processing skill, source videos may contain confidential, copyrighted, or personal data, so silent transmission to a third party materially increases privacy and compliance risk.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The publish command sends the rendered video plus metadata to Upload-Post without an execution-time warning beyond the CLI semantics. Because this skill automates cross-platform publishing, accidental or uninformed transmission can expose private content, unpublished material, or sensitive metadata to an external service.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content (flagged excerpt from the skill's instructions):
- Connect TikTok, Instagram (Business/Creator account linked to a Facebook Page), and YouTube via OAuth in the dashboard.
- In **Manage Users**, create a profile — its name is `UPLOAD_POST_PROFILE` (NOT the social handle).
- Generate an API key in **Settings**.
- Verify: `curl -H "Authorization: Apikey $UPLOAD_POST_API_KEY" https://api.upload-post.com/api/uploadposts/me`.

## Orchestration model
Confidence: 86%
Finding: https://api.upload-post.com/

VirusTotal

65/65 vendors reported this skill as clean.
