ClawHub

Ai Video Editor Easy

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud video-editing skill, but it sends media and prompts to a NemoVideo backend and should be used only with footage you are comfortable uploading.

Install if you are comfortable using a third-party cloud service for editing. Avoid uploading private or sensitive footage unless you trust NemoVideo's handling of videos, prompts, URLs, session state, and generated outputs; ask for confirmation before uploads or exports when the request is ambiguous.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill claims a local video-upload workflow, but the documented upload API also accepts arbitrary remote URLs. That materially expands the data ingress surface beyond user-supplied files and can enable unintended fetching of third-party or internal resources if the backend follows attacker-controlled URLs.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The manifest presents a narrow video-editing skill, but the documentation advertises many additional media/output formats including images and audio. This scope mismatch increases the chance the skill is used in ways the user did not consent to and may expose broader backend capabilities than necessary for the declared purpose.

Context-Inappropriate Capability

Low
Confidence
84% confidence
Finding
Inferring the platform from install-path inspection collects environmental information unrelated to core video editing. While low severity, this creates unnecessary host fingerprinting and can leak deployment details that are useful for tracking, profiling, or tailoring further behavior.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The invocation examples are broad enough that ordinary phrases like 'export 1080p MP4' or generic editing requests may activate the skill unexpectedly. Over-broad activation can cause users to initiate backend connections, token acquisition, or file-processing flows without clear intent.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The catch-all routing rule for 'Everything else' makes the activation scope effectively unbounded for any non-matching prompt. In practice, this can route unrelated user text into the SSE backend, increasing the risk of unintended external data disclosure and unauthorized actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal