Video Converter

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real cloud video tool, but it needs review because it can send broad prompts and multiple media types to a third-party backend beyond simple MP4 conversion.

Review before installing. Use it only with media and prompts you are comfortable sending to nemovideo.ai, avoid sensitive personal or business content, and be aware that requests beyond basic MP4 conversion may still be routed to the remote backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium, 94% confidence
The skill is presented as a simple video-to-MP4 converter, but the documentation explicitly expands behavior into general editing, generation, overlays, audio manipulation, SSE-driven freeform commands, and render workflows. This scope drift can mislead users and host agents into sending broader prompts, files, and data to a powerful remote backend than the manifest suggests, increasing privacy and misuse risk.

Context-Inappropriate Capability

Medium, 92% confidence
A converter skill that accepts images, audio, and other editing assets beyond source video formats materially broadens the data it can ingest and process. That mismatch enables unexpected collection and remote processing of unrelated user media, which is risky given the cloud backend and the stated purpose of simple MP4 conversion.

Intent-Code Divergence

Low, 86% confidence
Telling users to 'just tell me what you're thinking' creates an open-ended expectation, while the actual routing sends many unspecified prompts into broader editing/generation logic. This increases the chance of unintended invocation, user confusion, and accidental submission of requests or content outside the narrow advertised conversion use case.

Vague Triggers

Medium, 84% confidence
The trigger phrase is broad enough that ordinary conversation could activate the skill without a clear user intention to convert a video. In a skill that uploads files to a cloud backend and initiates remote processing, accidental invocation can lead to unintended data transfer or workflow initiation.

Vague Triggers

Medium, 95% confidence
The catch-all routing rule sends 'everything else' to SSE-based backend handling, effectively granting a wide range of unspecified prompts access to a remote editing/generation pipeline. In context, this makes the skill substantially more dangerous because the documented purpose is narrow, but the operational scope is effectively open-ended.

Missing User Warnings

Medium, 97% confidence
The skill emphasizes convenience but does not clearly warn in its user-facing description that uploaded files are transmitted to and processed by a third-party cloud backend. For media files that may contain sensitive personal content, this lack of upfront disclosure undermines informed consent and can expose users to privacy and compliance issues.

VirusTotal

59/59 vendors flagged this skill as clean.
