Security audit

FFmpeg Video Watermark Remover

Security checks across malware telemetry and agentic risk

Overview

This skill openly removes video watermarks, but it has no authorization guardrails for third-party attribution or provenance marks.

Install only for videos you own or are clearly authorized to edit. Do not use it to remove third-party attribution, creator marks, platform watermarks, or provenance indicators. Use careful output paths because the helper scripts can overwrite existing files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
concat_file = temp_dir / 'concat.txt'
concat_file.write_text('\n'.join(f"file '{f}'" for f in seg_files))

result = subprocess.run([
    'ffmpeg', '-y', '-f', 'concat', '-safe', '0',
    '-i', str(concat_file), '-c', 'copy', output_video
], capture_output=True, text=True)
Confidence
86% confidence
Finding
result = subprocess.run([ 'ffmpeg', '-y', '-f', 'concat', '-safe', '0', '-i', str(concat_file), '-c', 'copy', output_video ], capture_output=True, text=True)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill invokes shell commands and writes output files but declares no corresponding permissions, creating a mismatch between its documented trust boundary and its actual capabilities. That omission can cause the host or reviewer to underestimate the skill's ability to manipulate files and execute ffmpeg-based processing, which is especially risky because it handles user-supplied paths and emits artifacts to disk.

Ssd 4

Medium
Confidence
97% confidence
Finding
This skill provides operational instructions to remove watermarks from videos and then deliver the modified media, directly enabling circumvention of provenance, branding, or ownership markings. In context, that materially increases abuse potential because the workflow is turnkey, includes segmentation for moving marks, and is optimized for producing redistributed altered content rather than merely analyzing media.

VirusTotal

67/67 vendors flagged this skill as clean.