Mediaio Auto Subtitle

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video subtitle and editing helper, but users should treat uploaded videos and prompts as sent to a third-party service.

Install only if you are comfortable sending video files, prompts, optional source URLs, and a NEMO_TOKEN-backed session to NemoVideo cloud services. Avoid confidential footage unless you have reviewed the provider's privacy and retention terms, and treat this as a broader cloud media editing skill rather than subtitle-only tooling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill is presented as an auto-subtitle tool, but the documentation exposes much broader remote video-editing and export capabilities. This scope expansion increases the chance that users will send sensitive media or issue requests outside the expected trust boundary, creating privacy and misuse risks because a cloud backend can process far more than subtitle generation.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The documented behavior supports unrelated media-editing actions that are not justified by the stated purpose of adding subtitles. This mismatch is dangerous because it can conceal broader data handling and remote-processing behavior from users and reviewers, undermining informed consent and increasing the attack surface of the skill.

Vague Triggers

Medium
Confidence: 95%
Finding
Routing 'everything else' to the SSE action creates an overly permissive catch-all path that can forward arbitrary user requests to a powerful backend agent. In practice, this weakens intent validation and can enable unintended operations, data exfiltration through remote processing, or abuse of backend capabilities beyond the skill's stated purpose.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill encourages users to upload videos but does not clearly warn them up front that their media will be sent to a third-party cloud backend for processing. This is a genuine privacy and transparency issue, especially for user-generated or sensitive video content, because users may reasonably assume local or narrowly scoped handling based on the product framing.

VirusTotal

64/64 vendors flagged this skill as clean.
