Ai Video Face

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent cloud-based video face-editing tool, but it needs review because it can upload sensitive face video and route a broad range of edit requests to a third-party service without strong consent safeguards.

Install only if you trust the Nemovideo backend and are comfortable sending selected videos, faces, prompts, session data, and render jobs to that service. Use only footage you have rights and consent to edit, avoid impersonation or sensitive subjects, and prefer a dedicated, limited token that can be rotated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 88%
Finding
The manifest presents the skill as a narrow face-editing tool, but the instructions expose a much broader remote media-editing capability, including uploads, timeline/state inspection, audio/text editing, and export of many formats. This scope mismatch can mislead users and host platforms about what the skill can do, weakening informed consent and policy review for a tool that handles sensitive media and remote processing.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding
Routing 'everything else' to the main editing/SSE action creates an overly permissive command surface where ambiguous or unrelated prompts may trigger remote processing. In a skill that uploads user media and drives backend actions, this increases the chance of unintended operations, confused-deputy behavior, and abuse through prompt phrasing that bypasses narrow user intent checks.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill involves sending user video to remote GPU-backed services, but the user-facing description does not prominently warn about external processing before upload. Because videos may contain biometric and other sensitive personal data, insufficient disclosure undermines informed consent and can expose users to privacy and compliance risks.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill directs the agent to automatically use an environment token or config-derived credentials, and even to mint anonymous tokens, without a user-facing authorization step. This can silently consume existing credentials or create authenticated sessions against an external service, which is especially risky in an agent context where users may not realize local secrets or account-linked tokens are being used.

VirusTotal

64/64 vendors flagged this skill as clean.