ClawHub

Screen Record Free

Security checks across malware telemetry and agentic risk

Overview

This is a real cloud video-editing skill, but it connects to a remote service and creates/uses tokens with too little user-facing disclosure or control.

Install only if you are comfortable sending recordings, prompts, and possibly other media to nemovideo.ai. Use a dedicated NEMO_TOKEN if you have one, avoid confidential screen recordings, and expect the skill to create a remote session and consume service credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs the agent to obtain anonymous auth tokens and create authenticated backend sessions before handling user requests. That is a real security and privacy concern because it grants credentialed access to a third-party service and enables network actions without clear user consent, expanding the skill beyond local or purely declarative editing behavior.

Description-Behavior Mismatch

Medium
Confidence
81% confidence
Finding
The skill metadata markets support for a narrow set of video formats, but the body documents many additional media types including images and audio. This mismatch is risky because it can cause users or calling systems to misclassify the skill’s capabilities, leading to broader-than-expected file handling and potential data exposure to backend processing pipelines.

Vague Triggers

Medium
Confidence
87% confidence
Finding
Routing 'Everything else' to the SSE editing action is an overly broad trigger that can cause unrelated or ambiguous user input to be forwarded to the remote backend. In this skill, that increases the chance of unintended network transmission, unexpected edits, or misuse of backend credits/sessions from prompts that were not clearly editing requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill tells the agent to silently authenticate, acquire tokens, and establish sessions while 'keep[ing] the technical details out of the chat.' That is dangerous because it hides meaningful security and privacy behavior from the user, including account creation, credential use, and remote transmission of requests or files to a third-party API.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal