Caption Generator Srt

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video captioning and rendering skill, but users should understand their media and prompts are sent to NemoVideo's backend.

Install only if you are comfortable sending selected video files, prompts, session data, and render jobs to NemoVideo's cloud service. Avoid confidential, regulated, or private media unless the provider's privacy, retention, billing, and credit terms are acceptable to you.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 86%
Finding
The skill is presented as a narrowly scoped SRT caption generator, but its routing and backend documentation expose broader video editing, rendering, track manipulation, export, and media-processing capabilities. This scope expansion can mislead users and host systems about what the skill may do with uploaded media, increasing the chance of unauthorized or unexpected processing beyond caption generation.

Vague Triggers

Medium
Confidence: 88%
Finding
The invocation examples are overly broad and include generic phrases like 'generate my video files' and 'export 1080p MP4,' which could cause the skill to activate on commonplace user requests without clear intent to use this specific cloud service. In an agent environment, broad triggers increase the risk of accidental routing, unexpected uploads, and unintended external processing of user media.

Vague Triggers

Medium
Confidence: 92%
Finding
The routing rule contains a catch-all condition that sends 'Everything else' to the SSE backend, effectively allowing ambiguous or unrelated prompts to trigger remote processing. This is dangerous because it broadens the operational surface of the skill far beyond explicit caption requests and can result in unintended transmission of user instructions or media to a third-party service.

Missing User Warnings

Medium
Confidence: 95%
Finding
The setup instructions disclose that the skill connects to a cloud backend, but the skill's user-facing description and quick-start language do not prominently warn that uploaded video files and prompts are sent to a remote third-party service. For media files, this is a meaningful privacy and data-handling issue because users may reasonably assume local processing unless remote upload is clearly disclosed before use.

VirusTotal

66/66 vendors flagged this skill as clean.
