Video Trimmer Download For Pc

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-trimming skill with some broad routing language users should treat carefully.

Install only if you are comfortable sending the videos, audio, images, and edit instructions you provide to NemoVideo's cloud service. Avoid sensitive recordings, monitor credit or subscription use, and be explicit when invoking the skill so unrelated chat is not sent to the editing backend.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The prompt guidance invites activation from very broad natural-language phrases like 'tell me what you're thinking,' which can cause the skill to engage on ordinary conversation unrelated to explicit video-editing intent. Over-broad invocation boundaries increase the chance of unintended uploads, backend calls, or session creation without sufficiently clear user intent.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The routing table sends 'Everything else' to the SSE action, effectively making the backend a catch-all handler for ambiguous input. This can turn unrelated or weakly related user text into remote processing requests, expanding attack surface and creating opportunities for unintended external API calls or manipulation of session state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal