ClawHub

Ai Video Editor Enhancer

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-editing skill whose remote media processing is disclosed and fits its stated purpose, though users should treat uploaded media as shared with the provider.

Install only if you are comfortable sending selected videos, images, audio, URLs, and editing prompts to NemoVideo's cloud service. Do not upload confidential, regulated, or private footage unless you trust the provider's retention and privacy practices, and keep any NEMO_TOKEN private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill is presented as a simple video enhancer, but the implementation exposes materially broader capabilities including timeline inspection, text/audio manipulation, state querying, and export orchestration. This mismatch can mislead users and host systems about the true permission and data-handling scope, increasing the risk of unintended actions on user media and reducing informed consent.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill markets itself as accepting local raw video uploads, yet the documented API also supports remote URL ingestion and multiple non-video media types. Hidden expansion of accepted inputs can enable unexpected external fetching, broaden attack surface, and cause users to disclose or process content they did not expect the skill to handle.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Routing nearly all unmatched requests to the SSE action creates an overly permissive execution path for arbitrary user text. In this skill, that broad fallback can send unintended prompts and editing commands to a remote backend with session context, increasing the likelihood of unexpected operations, data disclosure, or abuse of backend capabilities beyond the user's intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The getting-started and marketing text does not clearly warn users that uploaded videos and instructions are sent to a third-party cloud processing backend. For a media skill handling potentially sensitive footage, lack of prominent disclosure undermines informed consent and can expose personal, confidential, or regulated content to remote services unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal