Alibabacloud Video Editor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Alibaba Cloud video-editing skill, but it should be used only with scoped cloud credentials because it can submit billable jobs and use OSS resources.

Install only if you intend to use Alibaba Cloud for video processing. Use a dedicated least-privilege RAM user or role, avoid the full-access policies except in tightly controlled testing, confirm the OSS bucket/output path and expected charges before submitting jobs, and verify the missing dependency file from a trusted source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger description is very broad, covering generic video editing terms in multiple languages, which increases the chance the skill is auto-selected for loosely related requests. In this context, unintended invocation is more concerning because the skill can access cloud credentials, interact with OSS, and submit potentially billable remote jobs.

Vague Triggers

Medium
Confidence: 91%
Finding
The 'LLM Generation Suggestions' include broad natural-language trigger phrases such as 'Add a transition', 'Blur background', 'Picture-in-picture', and especially 'Make the picture more lively', which can cause the skill to activate for vague or tangential user requests. In an agent environment, overly broad activation guidance increases the chance of unintended tool invocation and unexpected processing of user-provided URLs or media, even when the user did not clearly request this specific cloud-editing skill.

Vague Triggers

Medium
Confidence: 83%
Finding
The trigger suggestions are broad enough that the slideshow template may be selected for loosely related requests such as generic photo or video creation, causing the agent to invoke this skill when a more appropriate workflow exists. In this file the risk is limited because the content is only a reference template and does not itself execute code, access secrets, or override safety controls, but it can still degrade routing accuracy and lead to unintended cloud media operations.

Missing User Warnings

Medium
Confidence: 94%
Finding
The document recommends `AliyunICEFullAccess` and `AliyunOSSFullAccess` as a quick authorization path without clearly warning that these policies grant broad privileges far beyond the minimum needed for the skill. In a skill that processes user media and may interact with OSS buckets, overbroad permissions increase blast radius if the skill, credentials, or workflow are misused, potentially exposing or modifying unrelated cloud media assets.

VirusTotal

VirusTotal findings are pending for this skill version.
