Video Maker Best

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud video editor, but it automatically creates remote sessions and can upload or fetch more media than its main description clearly discloses.

Install only if you are comfortable with a third-party NemoVideo cloud service receiving your prompts, uploaded media, remote media URLs, and session data. Avoid sensitive or private footage unless you have reviewed the provider’s privacy and retention terms, and explicitly confirm uploads/exports before letting the skill connect or process files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The manifest markets the skill as operating on uploaded video clips, but the implementation also permits ingestion from arbitrary remote URLs and supports many non-video file types. This expands the skill’s effective capability beyond what users are told, increasing the risk of unintended data transfer to third-party infrastructure and surprise handling of content the user did not expect this skill to fetch or process.

Vague Triggers

Medium
Confidence: 88%
Finding
The starter prompts are broad and generic enough that ordinary user requests like 'export 1080p MP4' could invoke the skill without clear intent to use this external video service. Over-broad invocation increases the chance that user content is routed to the backend unexpectedly, which is especially risky because the skill uploads media and creates remote sessions automatically.

Vague Triggers

Medium
Confidence: 95%
Finding
The routing table sends 'Everything else' to the SSE action, creating an ambiguous catch-all that can treat many unrelated prompts as instructions for the remote video backend. This can cause accidental transmission of user prompts and session activity to the cloud service even when the user did not clearly request video editing.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill says rendering happens server-side, but it does not give a clear, upfront privacy warning that uploaded media, prompts, and session state are sent to a remote cloud API. Users may disclose sensitive footage or metadata without informed consent, which is a material privacy and trust risk.

Natural-Language Policy Violations

Medium
Confidence: 83%
Finding
The session creation request hard-codes `language` to `en` without checking the user’s preference. While not a direct security flaw on its own, it can cause prompt misinterpretation, incorrect processing, and accidental disclosure or transformation of user intent in multilingual contexts.

VirusTotal

66/66 vendors flagged this skill as clean.
