ClawHub

Unified Video Lyrics Free

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-lyrics skill that sends user media to NemoVideo for processing, with privacy and scope considerations but no evidence of malicious behavior.

Install only if you are comfortable with NemoVideo receiving uploaded media, prompts, language/session metadata, and generated outputs for cloud processing. Avoid sensitive private videos and do not provide internal or private URLs unless you trust the provider's handling and retention practices; treat NEMO_TOKEN as a credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is presented as a narrow lyrics-overlay tool, but the body documents a much broader remote video editing and rendering system with SSE-driven edits, state inspection, exports, and general media manipulation. This scope mismatch increases the chance that users or host agents invoke capabilities they did not meaningfully consent to, expanding the attack surface beyond the advertised purpose.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
Allowing arbitrary remote media ingestion by URL enables the skill to fetch attacker-controlled or internal network resources under the backend's identity, which can introduce SSRF-style risks, unexpected data transfer, or ingestion of untrusted content unrelated to the user's uploaded video. In a lyrics-overlay skill, URL fetch support is unnecessary for the core use case and materially broadens exposure.

Vague Triggers

Medium
Confidence
89% confidence
Finding
Routing nearly all unmatched user requests into the SSE editing backend gives the skill an overly broad execution surface and makes prompt-triggered misuse more likely. Because the backend appears to support general edit operations, a catch-all trigger can cause unintended actions from ambiguous or unrelated user input.

Natural-Language Policy Violations

Medium
Confidence
86% confidence
Finding
Automatically detecting and submitting the user's language to a remote service without opt-in creates an unnecessary privacy exposure and may transmit user-derived metadata beyond what is required. In this context the risk is not catastrophic, but it is still a meaningful consent and data-minimization issue.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal