Kirk Ai Subtitle

Security checks across malware telemetry and agentic risk

Overview

This is a real cloud subtitle/video-processing skill, but it connects to a third-party backend and sends media or prompts to it too broadly, with weak user-facing consent.

Install only if you are comfortable sending videos, prompts, URLs, and render state to nemovideo.ai for cloud processing. Avoid private, regulated, or sensitive media unless you understand the service's retention and deletion controls, and use explicit subtitle-related requests with confirmation before uploads or exports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
Allowing uploads by arbitrary URL gives the backend a fetch capability that can be abused to retrieve attacker-chosen remote resources without clear user validation. Even if intended for convenience, this creates SSRF-style risk, privacy issues, and the possibility of pulling untrusted or internal resources through the service.

Vague Triggers

Medium
Confidence: 90%
Finding
The phrase 'Or just tell me what you're thinking' is overly broad and can cause the skill to activate on normal conversation unrelated to subtitle generation. Overbroad activation increases the chance of unintended backend actions, token use, and accidental cloud processing of user content without clear intent.

Vague Triggers

Medium
Confidence: 94%
Finding
Example triggers like 'add my video files' and 'export 1080p MP4' are too generic and could match many unrelated file-handling or export conversations. This raises the risk of accidental invocation and hidden remote actions, especially because the skill immediately establishes backend connectivity and may obtain tokens.

Missing User Warnings

Medium
Confidence: 98%
Finding
The skill instructs the agent to silently connect to a third-party backend, acquire or reuse tokens, and hide technical details from the user before handling requests. This undermines informed consent and can lead to undisclosed transmission of user data or account-affecting actions to an external service.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill encourages users to drop video files for cloud GPU subtitle generation without warning that videos are uploaded and processed remotely. Because videos often contain sensitive audio, imagery, metadata, or personal information, omission of this disclosure materially increases privacy and confidentiality risk.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
Hard-coding session language to English without user choice is primarily a consent and correctness issue rather than a severe security flaw. However, it can mishandle user content, degrade transcription accuracy, and cause unintended processing behavior for non-English material.

VirusTotal

65/65 vendors flagged this skill as clean.
