Video Generator Auto Post

Security checks across malware telemetry and agentic risk

Overview

This skill looks more like an incomplete draft for video generation and social posting, and it asks users to prepare account API keys without enough scoping or safety guidance.

Treat this as a draft, not a ready automation tool. Do not add real social-media API keys until the missing scripts and real posting behavior are reviewed, the required API scopes are documented, .env handling is secured, and posting defaults to dry-run or asks for explicit confirmation before publishing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 76% confidence
Finding: The skill documentation instructs users to configure API keys in a .env file and references automation scripts, but the skill does not declare corresponding permissions or clearly scope secret access. That mismatch can cause users or platforms to expose environment-based credentials to code paths without explicit review, increasing the risk of unauthorized account actions or secret leakage.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 90% confidence
Finding: The documented behavior materially overstates what the skill actually does, including claims of local AI video generation, batch processing, and automated social posting that static analysis indicates are absent or stubbed. This is dangerous because users may grant trust, credentials, or operational reliance based on false capabilities, and description/behavior mismatches are a common indicator of deceptive packaging or incomplete implementations that hide risk.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The setup tells users to place social-media API keys in a .env file and run an auto-post script, but it does not prominently warn that this enables automated publication to linked accounts. Without explicit user-facing warnings about credential sensitivity and posting consequences, users may unintentionally authorize mass posting, account misuse, or accidental disclosure through poorly handled secrets.

Vague Triggers

Medium

Confidence: 80% confidence
Finding: The trigger phrases are very broad and can invoke the skill for generic requests like creating or posting videos without requiring confirmation, platform scoping, or user intent checks. In a skill that can touch local files, generation workflows, and social posting, overly broad invocation increases the chance of accidental execution or unintended account-affecting actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal