ClawHub

Maker Pro

Security checks across malware telemetry and agentic risk

Overview

Maker Pro is a cloud video-editing skill that uses NemoVideo APIs for user-requested media processing, with privacy considerations but no evidence of hidden, destructive, or malicious behavior.

Install only if you are comfortable sending selected videos, audio, images, edit prompts, and render metadata to NemoVideo cloud services. Avoid confidential footage unless you trust that provider, protect any NEMO_TOKEN you configure, and ask the agent to confirm before uploads, exports, or actions that may spend credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The routing rule sends nearly all unmatched prompts to the SSE editing action, which can cause unintended remote processing of user input and files. In a skill that uploads media and invokes cloud-side editing, such a catch-all greatly increases the chance that ambiguous or unrelated user requests trigger external actions without clear user intent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill encourages users to provide raw footage but does not prominently warn, at the point of use, that videos are transmitted to and processed by a third-party cloud backend. This creates a privacy and consent risk because users may upload sensitive recordings without understanding that content leaves the local environment.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The metadata declares access to an environment token and a local config path, but the user-facing description does not disclose that the skill can use locally available credentials and configuration. While the file does not directly exfiltrate these values, undisclosed credential/config access reduces transparency and could enable unexpected account use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal