ClawHub

Nonprofit Video Maker

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate cloud video-making skill, but it can automatically connect to a third-party service and route broad media-editing requests without a clear consent step.

Review before installing. Use this only if your organization is comfortable sending video clips, images, prompts, logos, audio, and draft/export metadata to NemoVideo's remote API. Protect NEMO_TOKEN, avoid sensitive donor material unless the provider's privacy terms are acceptable, and require explicit user confirmation before uploads, edits, or exports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The invocation language is broad enough that ordinary conversation about creating videos or sharing clips could trigger the skill unintentionally. That increases the chance of surprise activation, which in this skill is significant because activation leads to automatic network authentication and possible third-party data transfer.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The example trigger phrase 'create my video clips or images' is too vague and overlaps with common user requests unrelated to this specific skill. Because the skill auto-connects on first interaction, accidental triggering can silently initiate authentication/session creation and set up later upload flows without informed consent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The description markets ease of use but does not clearly warn that user prompts, uploaded media, and derived draft/export data are sent to a third-party remote processing API. For a nonprofit-focused media workflow, those files may contain donor stories, faces, voices, or other sensitive content, so omission of the disclosure creates a meaningful privacy and consent risk.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs the agent to perform network authentication and create a remote session automatically on first interaction, without first informing the user or requesting consent. This is dangerous because it initiates external communications and account/token handling before the user understands that a third-party service is being contacted.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal