ClawHub

TechVideo Wizard - SuperMap GIS技术小视频脚本向导

Security checks across malware telemetry and agentic risk

Overview

This is a video-script helper with disclosed web-search and file-output behavior, but users should avoid entering confidential launch or product details.

Install only if you are comfortable with the skill automatically searching public platforms using keywords from your first script idea and saving the final script locally. Do not use unreleased product names, confidential campaign plans, or internal terminology unless that exposure through search queries and a local Markdown file is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill is presented as a video-script wizard, but it autonomously expands scope into external duplicate-content searches across third-party platforms and a linked external document. This creates an undeclared data-flow from user-provided topics to outside services, increasing privacy, compliance, and trust risks beyond what a user would reasonably expect from script generation.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
Automatic searches on WeChat Video Channels, Bilibili, and Douyin are not necessary to fulfill the core function of drafting a video script. Because the searches are triggered from user input without an explicit need-to-know basis, the skill unnecessarily exposes user topics externally and broadens the agent's capabilities in a way that can surprise users.

Description-Behavior Mismatch

Low
Confidence
78% confidence
Finding
The skill writes a Markdown file to the working directory even though the manifest primarily describes generating a script, not creating local files. Undisclosed file creation is a capability mismatch that can surprise users and, in shared or sensitive environments, leave artifacts containing potentially confidential product details.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest uses broad trigger language such as helping write various video scripts or handling tasks requiring structured multimedia content creation, which can cause over-activation on generic requests. Over-broad activation increases the chance that the skill runs in contexts where users did not intend its extra behaviors, including external searches and file creation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill automatically sends user-derived search terms to external video platforms without a clear warning that the topic will leave the local interaction context. This is a classic transparency and privacy issue because even innocuous script topics can reveal confidential product plans, internal features, or marketing strategy.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The skill creates files in the working directory without a clear safety or transparency notice. While low severity, this can still expose sensitive inputs through local persistence, especially in shared workspaces, synced folders, or environments where users do not expect automatic file output.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal