Free Subtitles

Security checks across malware telemetry and agentic risk

Overview

This subtitle skill is mostly coherent, but it uses broad remote media-processing powers and automatic backend access that users should review before installing.

Review before installing. Use this only if you are comfortable sending videos, audio, images, URLs, prompts, and render state to the NemoVideo cloud service. Avoid confidential, private, or regulated media unless you trust that service's retention and access controls, and confirm subtitle language and export intent before processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill is presented as a narrow subtitle tool, but the documented routing and actions expose a broader remote media-editing pipeline. That scope mismatch can mislead users and host systems about what data, actions, and backend capabilities are actually being invoked, increasing the chance of unintended uploads, edits, or policy bypass.

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The file advertises a subtitle workflow but also accepts many unrelated media formats and describes a general render/export system. This broader-than-declared capability increases attack surface and can cause users to provide files or approve behavior they would not expect from a subtitle-only skill.

Vague Triggers

Medium
Confidence: 88%
Finding
The phrase "Or just tell me what you're thinking" is overly broad and can cause accidental invocation from normal conversation rather than an intentional request to process media. In a skill that uploads files and contacts external APIs, ambiguous activation materially raises the risk of unintended data handling.

Vague Triggers

Medium
Confidence: 89%
Finding
Example phrases like "add my video files" and especially "export 1080p MP4" are generic and overlap with common editing requests outside this skill's intended scope. That makes misrouting and unintended execution more likely, particularly because the skill performs remote processing and export operations.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to upload user videos and messages to external endpoints and create remote sessions, but it does not clearly warn users that their content is transmitted to third-party cloud services. Because video files may contain sensitive personal, business, or biometric data, lack of clear disclosure undermines informed consent and increases privacy and compliance risk.

Missing User Warnings

Low
Confidence: 80%
Finding
The document notes that closing the tab can orphan jobs because state and job identifiers persist remotely, but this persistence risk is not surfaced as a clear user warning in the skill's guidance. Users may assume processing is ephemeral when in fact remote state can outlive the visible session.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The skill creates sessions with `"language":"en"` by default without asking the user, which can cause inaccurate transcription/subtitles and unintended disclosure of language preferences or content to the backend. In multilingual contexts this may degrade output quality and create avoidable privacy and UX issues.

VirusTotal

64/64 vendors flagged this skill as clean.
