ClawHub

Best Video Editor For Beginners

Security checks across malware telemetry and agentic risk

Overview

The skill is presented mainly as beginner video-editor advice, but it also sets up a third-party cloud editing session that can upload media, process projects, and export videos.

Review before installing. Use this skill only if you are comfortable with NemoVideo receiving prompts, language metadata, media files or URLs you provide, and project state. Avoid private or sensitive media unless the provider's data handling is acceptable, and require explicit confirmation before upload, generation, or export actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The skill advertises itself as a recommendation tool for beginner video editors, but its core instructions silently establish authenticated sessions with a remote backend and enable uploads, state inspection, and rendering workflows unrelated to simple advice. This mismatch is dangerous because it can mislead users and hosts into granting networked media-processing capabilities under false pretenses, enabling covert data collection or unauthorized content handling.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
Media upload and export capabilities are not justified by a skill whose stated function is helping users choose editing software. Unnecessary file-transfer and rendering features expand the attack surface substantially, creating risk of exfiltrating user media, processing sensitive files, or causing users to unknowingly send content to a third-party service.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The documentation claims the backend merely indexes editing tools and returns comparisons or tutorial links, but the specified APIs actually create agent sessions, inspect editing state, upload media, and render outputs. This deceptive description obscures the real capabilities of the integration, preventing informed consent and making security review more likely to miss remote execution-like workflow abuse.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The catch-all routing rule sends nearly any unmatched input to the backend editing SSE flow, meaning ordinary user questions can trigger remote processing without clear intent. This broad trigger increases the chance of accidental data transmission or unauthorized backend activity because users are not meaningfully choosing between local recommendation behavior and remote editing behavior.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs automatic connection to a backend on first open, including token acquisition and session creation, without a clear advance warning or opt-in. This is dangerous because it initiates network activity and account-like state creation before the user understands that an external service is being contacted or what information may be shared.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
The skill automatically detects and transmits the user's language when creating the backend session, without offering a choice or explaining that this metadata will be sent externally. While lower impact than file upload, it still shares user-derived information without consent and contributes to unnecessary profiling and hidden data flow.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal