Feishu Video Editor

Security checks across malware telemetry and agentic risk

Overview

The skill is a mostly coherent local video editor, but it can pass user-controlled video paths and timestamps through a shell command, creating a real local command-execution risk.

Review before installing. Use only with trusted filenames and arguments, avoid running it in directories or accounts with sensitive write access, and prefer a revised version that replaces exec with spawn or execFile argument arrays and uses secure temporary-file APIs. Treat the Feishu upload claims cautiously because the documentation advertises cloud upload but the inspected code does not clearly implement or scope it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
'-y', audio_path
        ]
        
        subprocess.run(cmd, capture_output=True)
        return audio_path
    
    def _detect_silence(self, audio_path: str) -> list:
Confidence
88% confidence
Finding
subprocess.run(cmd, capture_output=True)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
'-c', 'copy',
            '-y', output_path
        ]
        subprocess.run(cmd, capture_output=True)
        
        # Clean up the temporary file
        os.remove(list_file)
Confidence
89% confidence
Finding
subprocess.run(cmd, capture_output=True)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
'-c', 'copy',  # Fast stream copy, no re-encoding
                '-y', temp_path
            ]
            subprocess.run(cmd, capture_output=True)
        
        # Create the file list
        list_file = tempfile.mktemp(suffix='.txt')
Confidence
90% confidence
Finding
subprocess.run(cmd, capture_output=True)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README states that the skill uploads/downloads videos and automatically uploads edited results, but it provides no warning about where data is sent, what content may be processed, or what privacy implications apply to potentially sensitive video and audio data. Because video editing here also includes speech-to-text processing, users may unknowingly expose personal, confidential, or regulated information to external services or cloud storage.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The code constructs a shell command with user-controlled values such as `videoPath`, `startTime`, and `endTime` via string concatenation and passes it to `exec`. An attacker can inject shell metacharacters to execute arbitrary commands on the host, making this a direct command injection risk in a skill that accepts external input.

VirusTotal

65/65 vendors flagged this skill as clean.