ClawHub

Add Subtitle To Video Capcut

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud video captioning/editing connector, but its broad automatic routing and third-party processing need review before installation.

Install only if you are comfortable sending selected media files, editing prompts, and related session data to NemoVideo's cloud API. Use explicit subtitle/video-editing requests, avoid private or regulated media unless you trust the provider, and review the token/config requirements before enabling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as a narrow subtitle-generation tool, but the documented behavior expands into a general-purpose video editing agent with broad message routing and remote action execution. This scope mismatch can cause users and calling systems to grant trust or permissions appropriate for captioning while the skill actually performs much broader cloud-side processing and edits.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill claims to add subtitles, but the API surface and supported formats include broad media processing across video, audio, images, and generic rendering/export workflows. This expands data handling and operational scope beyond user expectations, increasing the risk of unintended uploads, transformations, and privacy exposure.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The sample phrase "add my video clips" is broad enough to overlap with ordinary user conversation and may trigger the skill outside a clear, intentional request for subtitle generation. Overbroad activation increases the chance of unintended backend connection, session creation, or media processing.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The instruction to activate when the user says they are "thinking" is too vague to distinguish real intent from normal conversation. This can lead to accidental skill activation and unnecessary transmission of prompts or setup actions to the remote service.

Vague Triggers

High
Confidence
98% confidence
Finding
The routing rule that sends "Everything else" to the SSE editing pipeline is effectively an unbounded catch-all trigger. In practice, that means nearly any user utterance could be forwarded to a third-party backend for interpretation and action, creating serious risks of unintended data disclosure, overcollection, and unauthorized operations.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill does not clearly warn users up front that their uploaded media and free-form prompts are sent to a cloud backend for processing. Because video content may contain sensitive personal, biometric, location, or confidential information, this omission undermines informed consent and increases privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal