Ai Voiceover Italiano

Security checks across malware telemetry and agentic risk

Overview

This skill is a real cloud video voiceover workflow, but it automatically opens a third-party session and uses broad routing that could send unrelated prompts or media-processing requests to the backend.

Review before installing. Use this only if you are comfortable sending videos, prompts, and related session data to NemoVideo for cloud processing. Avoid confidential footage unless you have verified the vendor's privacy and retention terms, and invoke it with explicit Italian-voiceover requests rather than generic upload, export, or editing prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding:
The skill is presented as a narrowly scoped Italian voiceover tool, but the documented behavior exposes a much broader cloud video-editing pipeline, including general editing, session state access, exports, and media manipulation. This scope mismatch undermines informed consent and least-privilege expectations, making users more likely to authorize data upload and backend actions they did not intend.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding:
The documentation introduces unrelated general editing capabilities beyond the stated Italian voiceover purpose, such as broad action routing and render/export pipeline behavior. Even if not overtly malicious, this expands the operational scope of the skill and can lead to user confusion, unintended remote processing, and misuse of uploaded media in ways not justified by the advertised function.

Vague Triggers

Medium
Confidence: 88%
Finding:
The invocation guidance includes very broad phrases like sharing files or vague requests, which increases the chance the skill activates on ordinary conversation or loosely related user input. In a skill that performs networked media upload and backend session setup, accidental triggering can expose user data or initiate remote actions without meaningful intent.

Vague Triggers

Medium
Confidence: 93%
Finding:
The catch-all routing rule sends 'everything else' to the SSE backend, which is an overly ambiguous trigger for a skill with remote processing capabilities. This can cause unrelated or accidental user text to be transmitted to the vendor service and acted upon, expanding both privacy and unintended-action risk.

Missing User Warnings

Medium
Confidence: 97%
Finding:
The skill instructs automatic backend connection plus anonymous token and session creation on first open, without a clear upfront warning that network/authentication activity will occur. Silent remote authentication and session establishment can surprise users, create external accounts/tokens without informed consent, and normalize hidden data transfers.

Missing User Warnings

Medium
Confidence: 98%
Finding:
The skill does not clearly warn users that uploaded videos and prompts are sent to a cloud processing service. Because the content can be sensitive or proprietary, failing to disclose off-device transfer and remote retention/processing creates a significant privacy and confidentiality risk in this context.

VirusTotal

64/64 vendors flagged this skill as clean.