Pixabay Music Ab2n

Security checks across malware telemetry and agentic risk

Overview

This skill is a real remote video-editing helper, but it asks for broader third-party processing authority than its narrow Pixabay-music presentation clearly discloses.

Install only if you are comfortable sending media files, prompts, editing state, and token/session data to nemovideo.ai. Avoid private or proprietary media unless you trust that provider, and use explicit upload/edit/export requests rather than ambiguous prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch (Medium severity, 87% confidence)

Finding: The manifest presents a narrowly scoped Pixabay-music helper, but the body documents a more capable remote video-editing pipeline with session management, uploads, state inspection, credits, and export behavior. That scope mismatch can mislead users and host platforms about what data and actions the skill will perform, reducing informed consent and weakening review boundaries.

Description-Behavior Mismatch (Medium severity, 84% confidence)

Finding: The skill claims a video-upload workflow, but the documented accepted formats include many additional media types such as images and standalone audio. This broadens the effective data ingestion surface beyond user expectations, which can lead to unintended transmission of non-video media to the remote service.

Vague Triggers (Medium severity, 90% confidence)

Finding: Routing 'Everything else' to the SSE editing action makes the trigger policy excessively broad, so nearly any unmatched prompt may be sent to the backend for processing. This increases the chance of unintended remote actions, accidental data disclosure, and abuse of a more powerful editing interface than the user intended to invoke.

Missing User Warnings (Medium severity, 93% confidence)

Finding: The skill instructs the agent to automatically connect to a backend and even acquire an anonymous token without a clear upfront warning that network requests and user content will be sent to a third-party service. Automatic authentication and session creation before meaningful notice undermine transparency and informed consent, especially for uploaded media.

VirusTotal

65/65 vendors flagged this skill as clean.