ClawHub

Video Trimmer In

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud video editor, but its broad catch-all routing and remote media handling are wider than a simple trimmer and deserve review before installation.

Install only if you are comfortable sending selected videos, edit instructions, and possibly submitted media URLs to NemoVideo's cloud service. Avoid confidential or regulated footage unless you trust that service's privacy and retention practices, keep NEMO_TOKEN private, and confirm exactly what will be uploaded or rendered before using non-trimming edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill is presented as a simple video trimmer, but the documented capabilities include broader media editing, compositing, asset handling, and render orchestration. This scope mismatch can mislead users and host systems about what the skill is allowed to do, increasing the chance that broader actions are invoked without informed consent or appropriate policy review.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
Allowing media ingestion by arbitrary URL materially expands the attack surface beyond user-uploaded files. Remote fetch capability can be abused for unintended network access, retrieval of sensitive/internal resources in some deployments, or processing third-party content the user did not directly provide.

Intent-Code Divergence

Low
Confidence
84% confidence
Finding
The documentation frames the tool as a trimmer, yet routing rules cover broader editing actions like aspect ratio changes, text overlays, and audio track manipulation. This hidden expansion of scope can cause the skill to perform operations users and reviewers would not reasonably expect from the advertised purpose.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The invocation guidance includes a very generic phrase that could match ordinary conversation and trigger the skill unexpectedly. Over-broad activation increases the risk of the skill engaging on unrelated prompts, potentially causing unintended uploads, session creation, or external API calls.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The sample trigger phrases are too generic to reliably distinguish skill-specific requests from normal user conversation. This weak scoping can result in accidental routing into a cloud-backed editing workflow when the user did not intend to invoke the skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The routing table uses a catch-all fallback that sends virtually all other requests into the SSE editing pipeline. In a skill connected to external services, this creates a broad unintended execution surface where unrelated prompts may trigger remote processing, state changes, or media operations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal