Vocal Isolation, Background Music Removal then De-Noise

Security checks across malware telemetry and agentic risk

Overview

This skill uploads selected media to Modal for remote vocal isolation and downloads the processed audio, which is coherent with its purpose, with no evidence of hidden exfiltration or unrelated behavior.

Install only if you are comfortable sending the selected audio or video files to Modal for cloud processing. Use a unique slug, confirm file selections before upload, download and verify outputs before cleanup, and check the exact slug before running the recursive remove command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documents shell execution and local file writes but does not declare corresponding permissions, which undermines user awareness and any permission-based controls. Because it also moves user media through CLI commands and writes outputs back to local directories, the undeclared capabilities increase the chance of unexpected filesystem or command-side effects.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The manifest suggests local file processing, but the documented workflow uploads user audio/video to a remote Modal volume and processes it in a remote container. This is security-relevant because users may provide sensitive recordings under the false assumption they never leave the local machine, creating confidentiality and compliance risks.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documented recursive delete of the remote slug path can permanently remove uploaded inputs and generated outputs without clearly warning the user or confirming intent. In a remote-processing workflow, this can cause unexpected data loss and hinder auditing or recovery if the user expected artifacts to remain available.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The code deletes the entire ~/.cache directory if it exists and is not already a symlink, then replaces it with a symlink to the mounted model cache. In a shared or reused runtime, this can erase unrelated cached application data and potentially break other components, causing unintended data loss or destructive side effects beyond this skill's scope.

VirusTotal

66/66 vendors flagged this skill as clean.
