ClawHub

Free Generation Editing

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud video-editing integration, but it is too eager to connect to an external service and use tokens without clearly keeping the user in control.

Review before installing. Use this only when you intentionally want NemoVideo cloud processing, avoid private or sensitive media unless you trust that provider, and watch for NEMO_TOKEN or anonymous-credit use because the skill is designed to connect and create sessions automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is framed as editing user-uploaded video, but the documented supported formats and upload behavior expand into arbitrary media types and URL-based ingestion. This broadens the trust boundary and can enable server-side fetching of attacker-controlled URLs, unexpected processing of non-video content, or user confusion about what data the skill may transmit to the backend.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The example invocation text is broad enough that ordinary conversation about generating videos or exporting media could trigger the skill unintentionally. Over-broad activation increases the chance that user files, prompts, or environment-backed credentials are sent to the external service without sufficiently clear user intent.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The catch-all routing rule sends 'everything else' to the SSE editing backend, which is too ambiguous for a skill with networked side effects and file handling. This can cause accidental invocation on loosely related user input, resulting in unintended backend requests, session creation, or transmission of user content to the third-party service.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal