ClawHub

Ai Subtitle Generator For Video

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video subtitle and rendering workflow, with some privacy and scope caveats but no evidence of hidden or malicious behavior.

Install only if you are comfortable sending uploaded videos, prompts, and any provided media URLs to nemovideo.ai for cloud processing. Avoid private or sensitive footage unless you trust that service’s storage, retention, and deletion practices, and give explicit subtitle/export instructions to avoid broad editing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill is presented as a subtitle generator, but the documented routing and API usage expose a much broader cloud video-editing surface including editing, media transformation, state inspection, and export workflows. This increases the effective permission scope beyond user expectations, making it easier for the agent to perform unintended remote processing or data handling under an overly narrow description.

Context-Inappropriate Capability

Low
Confidence
82% confidence
Finding
Allowing uploads by arbitrary URL introduces server-side fetching behavior that is not necessary for basic subtitle generation and can be abused to retrieve attacker-controlled or sensitive resources through the backend. Even if the agent itself does not fetch the URL locally, this capability expands the attack surface to include SSRF-like backend misuse and unreviewed third-party content ingestion.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill claims to generate captioned video output, yet it advertises export to many non-video formats including images and audio. This mismatch indicates hidden or overly broad transformation capability, which can enable workflows far outside the declared purpose and reduce meaningful user consent about how uploaded media may be processed.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The invocation and routing rules are broad enough to match generic video-editing requests such as aspect ratio changes, text overlays, audio edits, export, and download. In an agent setting, overly broad triggers can cause the skill to activate for prompts beyond subtitle generation, leading to unexpected remote actions on user media and capability confusion.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to silently acquire anonymous tokens and upload user media to a cloud backend without a clear, up-front warning about external transmission, retention, or credential handling. Because the data involved is video content and session tokens enable continued backend operations, the lack of explicit consent and transparency materially increases privacy and data-handling risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal