Back to skill

Security audit

Fal.ai API

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal fal.ai media-generation integration, with the main caution that user prompts and media are sent to fal.ai.

Install only if you are comfortable sending prompts and any uploaded media to fal.ai under that provider's terms. Avoid including secrets, private customer data, regulated personal data, or confidential media in generation requests unless your own policies allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill metadata declares only an environment requirement, but the documented behavior clearly implies outbound network access and likely code execution paths beyond a purely declarative skill. Undeclared capabilities reduce transparency and can bypass user or platform expectations about what the skill is allowed to do, especially when handling API keys and remote requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to provide an API key and submit prompts/media to fal.ai, but it does not disclose that those prompts, images, audio, or other user inputs will be transmitted to a third-party service. This can lead to accidental disclosure of sensitive or regulated data because users may assume processing is local or may not realize external retention and logging policies apply.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill sends user-provided prompts to fal.ai, an external third-party service, but the code and module docs do not clearly warn users that submitted text leaves the local environment. In agent settings, prompts can contain secrets, internal data, or sensitive business content, so silent transmission increases data leakage risk.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.