ClawHub

Easy Ai Video

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate cloud video-editing skill, but it needs Review because it automatically connects to a third-party service and can broadly send prompts, uploads, URLs, and session data with limited user control.

Install only if you are comfortable sending video files, edit prompts, URLs, and generated timeline state to nemovideo.ai. Use it for explicit video-editing tasks, avoid sensitive footage or private/internal URLs, and review how NEMO_TOKEN and session data are stored before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest markets the skill as taking raw video footage and returning polished MP4s, but the implementation documentation expands scope to URL ingestion and many non-video/image/audio formats. This scope mismatch can mislead users and host agents about what data types may be accepted and transmitted to the remote service, weakening informed consent and policy enforcement.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The phrase 'create my raw video footage' is broad enough that an orchestrator may invoke the skill from ordinary conversational text without clear user intent to upload or process media. Unintended activation is risky here because first-run behavior automatically connects to a third-party API and may create authenticated sessions.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The catch-all rule routes 'Everything else' to the SSE backend, which can cause unrelated user requests to be sent to the third-party service. Because prompts may contain sensitive text and the skill auto-establishes sessions, this overly broad routing materially increases the chance of unauthorized data disclosure and unintended remote actions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The user-facing description emphasizes convenience but does not clearly disclose that uploaded media and prompts are transmitted to a remote third-party processing API. This undermines informed consent, especially for potentially sensitive videos, voice, and embedded metadata, and is more serious because the skill handles user files directly.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The skill omits upfront notice that it may silently use an existing environment token or mint an anonymous token automatically. Automatic authentication changes the trust boundary and may result in account-linked or anonymous sessions being created without a clear user decision.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal