AI 短视频工厂 (AI Short Video Factory)

Security checks across malware telemetry and agentic risk

Overview

This video-rendering skill is mostly purpose-aligned, but it instructs the agent to launch Chrome with its sandbox disabled and includes a privileged repair command (a recursive sudo chown of the npm cache) without enough user-facing caution.

Install only if you are comfortable with a local video-production skill that can run npx/HyperFrames, download browser components (Chrome Headless Shell), invoke FFmpeg, process local media, and consume significant CPU, disk, and bandwidth. Review and approve any sandbox-disabled render or sudo command manually rather than letting the agent run it, and prefer running the workflow in an isolated project directory or container.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings
Severity: Medium
Confidence: 92%

Finding
The skill advertises automatic setup and rendering workflows that include downloading Chrome Headless Shell, installing or invoking Node/HyperFrames tooling, and performing FFmpeg/media-rendering operations, but it does not warn users about these system-impacting actions. Users can therefore unknowingly authorize network downloads, heavy local resource consumption, and modification of the execution environment, which is risky when an agent carries out the steps on its own.

Missing User Warnings
Severity: Medium
Confidence: 97%

Finding
The skill directs use of `dangerouslyDisableSandbox: true` to launch Chrome without a nearby warning or strong scoping constraints. Disabling the browser sandbox materially weakens process isolation, so any malicious HTML, JS, or browser-exploitable content processed during rendering gains greater access to the host environment. The usual reason to set this flag is that Chrome refuses to start its sandbox when run as root inside a container; the safer fix is to run the renderer as an unprivileged user (or with user namespaces available) rather than to turn the sandbox off.
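A pre-install gate for this finding and for the Sudo/Root Execution pattern listed above, written as an added shell example (not SkillSpector's code and not part of the skill): it greps a skill's instruction file for the sandbox-disabling flag, bare `sudo`, recursive `chown`, and pipe-to-shell installs, prints each hit with its line number, and returns non-zero when anything matched. The rule list and the sample SKILL.md are constructed for illustration.

```shell
#!/bin/sh
# Added example, not SkillSpector's code and not part of the skill: a grep
# gate run over a skill's instruction file before installation.
# The rule list and the sample SKILL.md below are constructed for this
# example.

# scan_skill_file FILE
# Prints "label:lineno:line" for every hit. Returns 1 if anything hit and
# 0 if the file is clean, so `scan_skill_file SKILL.md || exit 1` works as
# an install gate. Rules are "label=extended-regex", one per line.
scan_skill_file() {
    file=$1
    total=0
    if [ ! -r "$file" ]; then
        echo "cannot read $file" >&2
        return 2
    fi
    while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        label=${rule%%=*}
        regex=${rule#*=}
        # grep -c prints 0 and exits 1 on no match; that is not an error here.
        n=$(grep -cE -e "$regex" "$file" || true)
        [ "$n" -gt 0 ] || continue
        grep -nE -e "$regex" "$file" | sed "s/^/$label:/"
        total=$((total + n))
    done <<'EOF'
sandbox-disabled=dangerouslyDisableSandbox[[:space:]]*:[[:space:]]*true|--no-sandbox
sudo=(^|[^[:alnum:]_./-])sudo([[:space:]]|$)
recursive-chown=chown[[:space:]]+-R
pipe-to-shell=(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z)?sh([[:space:]]|$)
EOF
    [ "$total" -eq 0 ]
}

# Constructed sample standing in for the skill's real SKILL.md.
SAMPLE_SKILL=$(mktemp)
trap 'rm -f "$SAMPLE_SKILL"' EXIT
cat >"$SAMPLE_SKILL" <<'EOF'
# Video factory (constructed sample, not the real skill file)
1. Render with `npx hyperframes render scene.html --out video.mp4`.
2. If Chrome fails to start, launch it with `{ dangerouslyDisableSandbox: true }`.
3. On npm EACCES errors run `sudo chown -R $(whoami) ~/.npm`.
4. Concatenate the clips with FFmpeg.
EOF

# Expected hits on the sample: sandbox-disabled on line 3, and both sudo and
# recursive-chown on line 4. Line 2 (npx) and line 5 (FFmpeg) are not flagged.
if scan_skill_file "$SAMPLE_SKILL"; then
    echo "clean: no risky patterns"
else
    echo "review the hits above before installing" >&2
fi
```

The gate is deliberately noisy: a hit is a prompt for a human to read the surrounding instruction, not a verdict, which is the user-facing warning the report says the skill lacks.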

Missing User Warnings
Severity: Medium
Confidence: 95%

Finding
The troubleshooting step recommends `sudo chown -R $(whoami) ~/.npm` without warning about the risks of recursive ownership changes under elevated privileges. The command is the same one npm prints for a root-owned cache, which is why it is copied so readily, but broad ownership rewrites can damage local security posture, mask the permission problem that caused the error, or alter files beyond the intended cache area if `~` or `$(whoami)` resolve unexpectedly or `~/.npm` is a symlink.
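A guarded alternative to that troubleshooting step, as an added shell example (not from the skill or from npm): it refuses symlinks, missing directories, and any path that resolves outside `$HOME`, lists the entries a recursive chown would actually rewrite, prints a chown scoped to just those entries for manual approval, and otherwise relocates the npm cache with `npm config set cache` so no sudo is needed. The helper names and the `~/.npm-cache` location are this example's choices.

```shell
#!/bin/sh
# Added example, not code from the skill or from npm: repair an npm cache
# containing foreign-owned files without `sudo chown -R $(whoami) ~/.npm`.
# Helper names and the ~/.npm-cache location are this example's choices.

# check_cache_path DIR
# Returns 0 only if DIR is a real directory (not a symlink) whose resolved
# path lies strictly inside the resolved $HOME. These are the checks the
# one-liner skips: an empty HOME turns ~/.npm into /.npm, and a symlinked
# ~/.npm sends a recursive chown wherever it points.
check_cache_path() {
    dir=$1
    if [ -z "$HOME" ] || [ ! -d "$HOME" ]; then
        echo "refusing: HOME is unset or not a directory" >&2
        return 1
    fi
    if [ -L "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "refusing: $dir is not a directory" >&2
        return 1
    fi
    home=$(cd "$HOME" && pwd -P)
    real=$(cd "$dir" && pwd -P)
    case "$real" in
        "$home"/*) return 0 ;;
        *) echo "refusing: $real resolves outside $home" >&2; return 1 ;;
    esac
}

# foreign_entries DIR
# Lists entries under DIR not owned by the current user: exactly the set a
# recursive chown would rewrite. Empty output means there is nothing to fix.
foreign_entries() {
    find "$1" ! -user "$(id -un)" 2>/dev/null
}

# scoped_chown_command DIR
# Prints, but does not run, a chown limited to the foreign-owned entries of
# an already-validated DIR, for the operator to approve by hand.
scoped_chown_command() {
    printf 'sudo find %s ! -user %s -exec chown %s {} +\n' "$1" "$(id -un)" "$(id -un)"
}

# repair_npm_cache [DIR]
# If DIR passes the guard and is fully owned by us, report that and stop.
# Otherwise leave DIR untouched, show what a fix in place would touch, and
# point npm at a fresh cache directory we own via npm's `cache` setting.
repair_npm_cache() {
    dir=${1:-$HOME/.npm}
    if check_cache_path "$dir"; then
        if [ -z "$(foreign_entries "$dir")" ]; then
            echo "ok: $dir is fully owned by $(id -un); nothing to do"
            return 0
        fi
        echo "foreign-owned entries under $dir:" >&2
        foreign_entries "$dir" >&2
        echo "to fix in place, review and run: $(scoped_chown_command "$dir")" >&2
    fi
    fresh=$HOME/.npm-cache
    mkdir -p "$fresh"
    if command -v npm >/dev/null 2>&1; then
        npm config set cache "$fresh"
    else
        echo "npm not found; run: npm config set cache \"$fresh\"" >&2
    fi
    echo "relocated: npm cache is now $fresh; $dir left untouched"
}

# Usage: sh this_script.sh --repair [DIR]   (defaults to ~/.npm)
if [ "${1:-}" = "--repair" ]; then
    repair_npm_cache "${2:-$HOME/.npm}"
fi
```

Relocating the cache costs a re-download of cached packages but never touches files outside the user's own directory, and the scoped `find ... -exec chown` only ever appears on screen for the operator to read first, which is the manual-approval step the overview asks for.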

VirusTotal

65/65 vendors flagged this skill as clean. Note that VirusTotal scans the skill's files for known malware, not for what the files instruct an agent to do, so a clean result does not speak to the sandbox and sudo findings above.
