Boomerang Video Maker Free

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-rendering skill with disclosed backend use, but users should understand it contacts NemoVideo automatically and sends selected media/prompts to that service.

Install only if you are comfortable with NemoVideo receiving the prompts and media you choose to process. Avoid uploading sensitive personal, confidential, or regulated videos/audio/images, keep NEMO_TOKEN private, and expect the skill to create a short-lived backend session automatically when first used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium, 91% confidence
Finding
The skill is presented as a narrow boomerang-video maker, but the documented actions expose a much broader multimedia editing surface including session state inspection, generic SSE editing, exporting, and handling multiple media types. This mismatch increases the chance of overbroad invocation, user confusion, and unintended data processing through external APIs beyond the user’s reasonable expectation.

Context-Inappropriate Capability

Medium, 90% confidence
Finding
Including audio manipulation, text overlays, generic rendering, and non-video asset support is unnecessary for a boomerang-only skill and expands the attack and abuse surface. Broader capability scope can enable unintended processing of user content and make it easier for unrelated prompts to trigger external uploads or edits under a misleading skill identity.

Vague Triggers

Medium, 86% confidence
Finding
The description encourages activation from loosely related natural-language requests without defining clear boundaries for when the skill should engage. Ambiguous triggering can cause the agent to invoke this skill unexpectedly, leading to unintended network calls, token creation, or media handling on user inputs that were not meant for this backend.

Vague Triggers

Medium, 95% confidence
Finding
The routing rule sending 'Everything else' to SSE is overly broad and effectively grants the backend control over arbitrary user requests within the skill session. This can route unrelated prompts into a remote processing pipeline, increasing the risk of unintended actions, excessive data exposure, and abuse of the external service.

Missing User Warnings

Medium, 97% confidence
Finding
The skill instructs automatic connection, anonymous token acquisition, and session creation with a third-party backend before giving a clear user-facing disclosure that prompts and media will be transmitted externally. This creates a meaningful privacy and consent risk because users may unknowingly send videos and metadata to a remote service simply by opening or using the skill.

VirusTotal

66/66 vendors flagged this skill as clean.