Tom Video Understanding

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only video analysis skill whose local processing steps are coherent, with an optional cloud summary step users should treat carefully.

Before installing, use the local ffmpeg/FunASR/Ollama workflow for private videos. Only use the optional cloud summary step after choosing and trusting the provider, because transcripts, frame descriptions, or summaries could leave your machine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill is presented as a local video-understanding workflow, but it explicitly allows a cloud LLM API for summary and analysis. That can cause users to send transcriptions, frame descriptions, or other potentially sensitive video-derived content off-device under a misleading 'local' trust assumption.

Vague Triggers

Medium
Confidence: 79%
Finding
The invocation guidance, 'use this skill when you need to understand the content of a video,' is broad enough that an agent may invoke it in many loosely related situations. Over-broad triggering can lead to unnecessary processing of user videos and extracted media, increasing privacy exposure and accidental use without clear user intent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill mentions cloud LLM usage for summary/analysis but does not provide a clear user-facing warning that video-derived data may be transmitted to an external service. This creates a privacy and compliance risk because users may reasonably expect all processing to remain local based on the skill description.

VirusTotal

67/67 vendors flagged this skill as clean.
