Opus Ai Video Editor Job

Security checks across malware telemetry and agentic risk

Overview

This cloud video-editing skill is purpose-aligned, but it automatically creates backend sessions and has broad routing that can send user media or prompts to an external service without clear user confirmation.

Review before installing. Use it only for media and prompts you are comfortable sending to nemovideo.ai, prefer a dedicated NEMO_TOKEN, and ask the agent to confirm before creating a session, uploading files or URLs, sending free-form edit prompts, or exporting work that may use credits.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands

Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 82%
Finding
The skill is presented as a raw video editor, but the documented accepted inputs include non-video media and URL-based ingestion. That expands the data ingestion surface beyond user expectations and can enable remote fetching or processing of third-party content, which increases privacy, abuse, and content-handling risk if not clearly disclosed and constrained.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The skill instructs the agent to provision anonymous backend tokens whenever no existing credential is present. That gives the skill an account/bootstrap capability beyond simple media editing, and can be abused to create service access on behalf of users without explicit consent or administrative controls.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation examples are overly broad and generic, making accidental activation more likely during normal conversation. In a skill that uploads media and initiates remote processing, ambiguous triggers increase the chance of unintended data transfer or backend actions without sufficiently clear user intent.

Vague Triggers

Medium
Confidence: 91%
Finding
The routing table includes a catch-all rule that sends 'everything else' to the SSE editing path. This is risky because vague or unrelated user input could trigger backend requests, causing unintended edits, session activity, or remote transmission of user content.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill encourages users to share raw footage and immediately connects to a remote backend, but it does not clearly warn that uploaded media is sent to third-party cloud services for processing. Because raw video often contains sensitive personal, proprietary, or biometric information, inadequate disclosure creates significant privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.
