Subtitle Generator Green Screen

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video captioning/editing workflow, but users should be mindful that uploaded media and prompts go to NemoVideo.

Install only if you are comfortable sending chosen media and editing prompts to NemoVideo's cloud service. Avoid sensitive personal, client, or unreleased footage unless you have reviewed the provider's privacy and retention terms. Protect the NEMO_TOKEN, and watch for broad prompts like 'export' or 'edit' that may activate the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The skill is presented as a narrow subtitle/green-screen tool, but the documented backend exposes a general-purpose media editing session with broad command routing and state manipulation. This capability mismatch can mislead users into granting files and prompts to a skill that can perform more expansive actions than its stated purpose, increasing the risk of over-collection or unintended processing.

Vague Triggers

Medium
Confidence: 87%
Finding
The invocation phrases are extremely generic, such as 'export 1080p MP4' and 'generate my video footage,' which can cause the skill to trigger during unrelated conversations or tasks. Over-broad activation increases the chance of accidental file processing, unintended backend calls, and user confusion about which skill is handling sensitive media.

Vague Triggers

Medium
Confidence: 92%
Finding
The routing table sends 'Everything else' to the SSE editing path, creating a catch-all that can interpret nearly any prompt as permission to contact the backend and perform editing actions. In a skill that handles user media and sessions, this broad dispatch materially increases the risk of unintended actions and scope creep beyond user expectations.

VirusTotal

64/64 vendors flagged this skill as clean.
