Screen Recording Editor Online

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a cloud video-editing integration, but its remote upload/token behavior and broad routing need review before install.

Install only if you are comfortable sending media files, project state, and edit instructions to NemoVideo's cloud service. Before use, check whether the skill asks before uploads or token creation, and avoid using it on recordings that contain passwords, private messages, customer data, or other sensitive content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium, 92% confidence
The skill automatically acquires and uses authentication tokens, including creating anonymous starter tokens, without an explicit user-consent step tied to each external action. This expands the skill from simple media editing into autonomous account/session provisioning against a third-party service, which can cause unintended external requests, token misuse, and opaque billing or quota consumption.

Vague Triggers

Medium, 77% confidence
The example invocation language is broad enough that ordinary conversational phrases could activate the skill unexpectedly. That increases the chance of unintentional routing into a workflow that uploads files, creates sessions, or sends editing instructions to a remote backend without the user clearly intending to invoke this specific skill.

Vague Triggers

Medium, 89% confidence
The catch-all 'Everything else' routing rule is overly permissive and can funnel unrelated prompts into the SSE editing path. In context, that path sends user text to a remote service and may trigger state-changing operations, so ambiguous routing materially raises the risk of unintended disclosure or action.

Missing User Warnings

Medium, 94% confidence
The skill describes cloud processing but does not provide a clear user-facing warning that uploaded media and edit instructions are transmitted to a remote third-party service. Because screen recordings often contain sensitive on-screen content, silent transmission to an external backend creates meaningful privacy and data-handling risk.

Missing User Warnings

Low, 84% confidence
The metadata indicates the skill can use an environment token and local config paths for authentication, but the user-facing description does not disclose this behavior. While this is less severe than silent media upload, it still reduces transparency around credential use and may surprise users or administrators about how the skill authenticates to external services.

VirusTotal

66/66 vendors flagged this skill as clean.
