ClawHub

Editor For

Security checks across malware telemetry and agentic risk

Overview

This video-editing skill is purpose-aligned, but it can automatically create a remote session and route broad prompts or uploaded media to a cloud service without sufficiently clear consent boundaries.

Review before installing. Use this only with videos and prompts you are comfortable sending to NemoVideo cloud infrastructure, avoid sensitive personal or confidential footage unless you trust the provider’s terms, and prefer explicit confirmation before token setup, upload, or export.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The invocation examples are generic enough that ordinary user phrases like 'export 1080p MP4' or 'edit my raw video footage' could activate the skill outside a clearly intentional context. In an agent ecosystem, overly broad triggers increase the chance of accidental skill invocation, which can lead to unintended network calls, token acquisition, or media upload workflows being initiated.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The routing table includes an 'Everything else' catch-all that sends unmatched prompts into the SSE editing flow, making activation extremely permissive. In context, this is more dangerous because the skill also performs authenticated remote actions and can process user media, so ambiguous prompts may trigger unintended cloud-side operations.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to automatically connect to a remote backend and obtain an anonymous token on first open, without a clear up-front consent step. This is dangerous because merely opening the skill can cause network transmission, device-generated identifiers, and account/session creation before the user has meaningfully agreed to external data exchange.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The user-facing description emphasizes convenience but does not clearly warn that raw video footage is uploaded to and processed on cloud infrastructure. Given that video recordings may contain sensitive on-screen content, faces, audio, credentials, or proprietary information, inadequate disclosure materially increases privacy and data-handling risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal