Video Editing With Gpu

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-editing skill that uses a NemoVideo backend as advertised, but users should know their videos and edit prompts are processed by that service.

Install only if you are comfortable sending selected video files, edit prompts, session data, and token-backed requests to NemoVideo's cloud API. Use a dedicated token when possible, avoid uploading confidential footage without reviewing the provider's terms, and verify output resolution if true 4K export is important.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

Severity: Medium
Confidence: 94%
Finding: The skill presents itself as a simple upload/edit/export workflow, but the instructions clearly require sending user media, prompts, and project state to a third-party backend and cloud GPU pipeline. This is a real transparency and data-handling issue because users may share sensitive video content without informed consent about remote processing.

Context-Inappropriate Capability

Severity: Medium
Confidence: 80%
Finding: The skill includes logic to acquire anonymous tokens and manage credits, which goes beyond what a user would reasonably expect from a basic editing helper. While such functionality may support the backend service, it introduces account-like operations and external service interaction that are not clearly disclosed and can cause unauthorized or unexpected use of third-party resources.

Context-Inappropriate Capability

Severity: Low
Confidence: 73%
Finding: The skill instructs the agent to detect the host platform from its install path and to send attribution headers on every request, which is not necessary for core video-editing behavior. This creates unnecessary environment fingerprinting and metadata leakage to the remote service, increasing privacy risk beyond the stated purpose.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding: The example triggers are very broad and generic, such as 'export 4K MP4' or 'edit my raw video footage', which can cause the skill to activate in contexts where the user did not clearly intend to invoke this remote service. In a skill that uploads media and contacts an external backend, unintended activation materially raises privacy and data-transfer risk.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding: The routing rules use an 'everything else' catch-all to send requests into the SSE editing flow, making activation overly permissive. Because that flow can transmit user instructions and potentially associated media to a remote backend, this broad routing increases the chance of unintended external processing.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The skill description does not clearly warn that user media and editing instructions are sent to a remote backend for processing. This omission is significant because video files often contain sensitive personal, workplace, or location data, and users need clear notice before cloud upload and processing.

Missing User Warnings

Severity: Low
Confidence: 88%
Finding: The skill also omits clear notice that it handles remote tokens, sessions, and external authentication flows, including anonymous token issuance. Even if this is operationally necessary, undisclosed session and token handling can surprise users and administrators and complicate trust and auditing.

Natural-Language Policy Violations

Severity: Medium
Confidence: 84%
Finding: The session creation hard-codes the language to 'en' without user choice, which can result in unintended transmission of user requests under the wrong language setting and may degrade correctness for non-English users. In a remote-processing workflow, silently forcing a locale is an avoidable trust and UX issue that can also affect interpretation of user content.

VirusTotal

66/66 vendors flagged this skill as clean.
