Back to skill

Security audit

manga-animation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent manga-animation workflow that uses disclosed Volcengine Ark APIs and local project files, with privacy and credential-handling precautions users should understand.

Use a virtual environment, keep ARK_API_KEY in an environment variable rather than editing it into source files, review each checkpoint before generating media, and avoid sending private scripts, proprietary images, or sensitive character references to Ark unless you are comfortable with that third-party processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tainted flow: 'url' from os.getenv (line 100, credential/environment) → requests.get (network output)

Critical
Category
Data Flow
Content
# ──────────────────────────────────────────────────────
def download_image(url: str, out_path: str) -> bool:
    try:
        r = requests.get(url, timeout=60)
        r.raise_for_status()
        Path(out_path).parent.mkdir(parents=True, exist_ok=True)
        with open(out_path, "wb") as f:
Confidence
94% confidence
Finding
r = requests.get(url, timeout=60)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation text is extremely broad and mandatory, covering many ordinary creative requests and saying the skill must be used immediately even for vague prompts. Over-broad triggering can cause unintended invocation of a networked, file-writing workflow, increasing the chance of unnecessary external API use, unwanted file creation, and reduced user control/consent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script converts a local image into a base64 data URI and submits it to a remote Ark video-generation API, but it provides no explicit consent prompt, privacy warning, or data-classification check before upload. In this skill context, storyboard/reference images may contain sensitive or proprietary creative material, so silent transmission to a third-party service creates a real confidentiality and compliance risk.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script rewrites storyboard.json and creates generation_log.json and output video files as part of normal execution, but it does not clearly warn that input metadata will be modified on disk. This can unexpectedly alter project state, overwrite curated metadata, or leak internal paths and generation history into persistent files, which is a legitimate integrity/privacy concern even if not overtly malicious.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.