Video Enhancement

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed video-enhancement skill that uploads user-selected videos to verging.ai for processing, with no evidence of hidden persistence or unrelated access.

Install only if you are comfortable sending selected videos to verging.ai/cloud storage for processing and receiving results through public URLs. Use a dedicated revocable API key, monitor credit usage, avoid sensitive or unauthorized media, and verify any optional downloader skill before installing it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The primary description does not clearly warn that provided URLs may be fetched from third-party sites and that local videos will be uploaded to an external service. In a user-invocable skill, this can lead to unexpected data egress, privacy exposure, and accidental processing of sensitive local media or copyrighted remote content.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal