Ai Video Editor Gpt

Security checks across malware telemetry and agentic risk

Overview

The skill appears to support cloud video editing, but it uses broad remote-processing and session-token behavior that users should review before installing.

Install only if you are comfortable with videos, editing prompts, and related metadata being sent to NemoVideo cloud services. Before use, confirm what token is used, where session state is stored, and how to revoke it, and require explicit confirmation before uploads or remote editing actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill instructs the agent to read an authentication token from the environment and, if absent, autonomously obtain a new bearer token from a remote anonymous-token API and persist session state for later calls. That expands the skill from simple media editing into credential acquisition and account/session management, which can cause unintended external account creation, opaque backend access, and use of user-affecting tokens without explicit consent.

Vague Triggers

Medium
Confidence: 88%
Finding
The startup copy and invocation phrases are broad enough that ordinary conversation like sharing footage or saying 'export 1080p MP4' could trigger the skill without a strong, explicit invocation boundary. In a skill that uploads files and contacts third-party services, overbroad activation increases the risk of unintended data transfer and surprise external actions.

Vague Triggers

Medium
Confidence: 92%
Finding
The routing table sends 'Everything else' to the SSE action, creating an ambiguous catch-all that can interpret a wide range of unrelated user text as instructions for the remote editing backend. This is especially risky because the backend can receive arbitrary prompts and the skill may initiate external processing even when the user's intent is unclear.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill says it will 'handle' AI-assisted editing on cloud GPUs, but the onboarding and auth flow do not prominently warn that user videos and instructions are uploaded to a third-party cloud service and tied to a session/token. Users may share sensitive recordings without understanding that off-device transfer and remote processing will occur.

VirusTotal

66/66 vendors flagged this skill as clean.
