Music To Your

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-editing skill that uploads user-selected media to NemoVideo for music syncing and export, with some broader editing support users should understand.

Install only if you are comfortable sending the media you choose, plus editing prompts and project state, to NemoVideo's cloud service. Avoid private or sensitive clips unless you trust that provider's handling and retention practices, and keep NEMO_TOKEN private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The manifest markets a narrowly scoped background-music-syncing skill, but the body documents broader editing behaviors such as aspect-ratio handling, text overlays, track inspection, and general editing intent routing. This scope drift can mislead users and reviewers about what the skill will do and what kinds of content or actions it may process, weakening informed consent and trust boundaries.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill description frames the tool as accepting uploaded video clips, but the documented supported formats include images and standalone audio files. This materially expands the data ingestion surface beyond the stated purpose, creating a mismatch that can cause users to submit different categories of content than they intended under incomplete disclosure.

Vague Triggers

Medium
Confidence: 90%
Finding
Routing 'Everything else' to the SSE editing workflow is overly broad and causes nearly any unmatched user request to be sent to the backend as an editing instruction. In a skill that uploads and manipulates user media through a cloud service, this increases the chance of unintended actions, ambiguous execution, and processing outside the user's reasonably expected request scope.

Missing User Warnings

Medium
Confidence: 97%
Finding
The quick-start flow instructs the agent to connect automatically to a cloud backend and upload/process media there, but the skill description does not clearly warn users that their files are sent to a third-party remote service. For media content, this is a meaningful transparency and privacy issue because users may assume local or minimally disclosed processing.

VirusTotal

66/66 vendors flagged this skill as clean.
