Back to skill

Security audit

infinimo-ai-design-product-video-create

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for Infinimo product-video API calls, with expected external uploads and no hidden persistence or destructive local behavior.

Install only if you intend to use Infinimo/clawec as an external service. Use a scoped API key, do not upload confidential product assets or sensitive prompts unless your organization accepts that third-party processing, and verify any remote log-delete id before using the documented delete endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill documents executable shell commands (`bash scripts/*.sh`) but does not declare corresponding permissions or clearly constrain execution behavior. This can mislead users and host systems about the skill's actual capabilities, increasing the risk of unintended command execution against local environments or with inherited credentials.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs users to upload product images and submit prompts/scripts to external third-party APIs without an explicit disclosure that these inputs leave the local environment and may be stored, logged, or processed by an external service. This creates a privacy and data-governance risk, especially if users provide proprietary product assets, unpublished campaign content, or sensitive business information.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documented delete endpoint performs a destructive action on video logs but is presented without any warning, confirmation guidance, or scope description. Users may accidentally delete records or generated assets they intended to keep, especially in automated or copied command flows.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script transmits both a local file and an authentication token to a remote third-party endpoint with no built-in disclosure, confirmation, or validation of what is being sent. In an agent-skill context, this increases the risk of unintended exfiltration of sensitive local files or misuse of the token if the script is invoked on arbitrary paths or by automation that the user does not fully inspect.

External Transmission

Medium
Category
Data Exfiltration
Content
echo "Usage: text_create.sh --prompt TEXT --model ID [--lang English] [--length 10]" >&2; exit 1; }
TOKEN="${INFINIMO_TOKEN:-${INFINIMO_API_KEY:?Set INFINIMO_TOKEN or INFINIMO_API_KEY}}"
PAYLOAD=$(python3 -c 'import json,sys; print(json.dumps({"prompt":sys.argv[1],"model":sys.argv[2],"target_language":sys.argv[3],"video_length":int(sys.argv[4]),"platform":1,"terminal":4,"language":"en"},ensure_ascii=False))' "$PROMPT" "$MODEL" "$LANG" "$LENGTH")
curl -s -X POST "https://www.clawec.com/api/aigc/ec_product_video/text_create" \
  -H "Token: $TOKEN" -H "Content-Type: application/json" -d "$PAYLOAD"
Confidence
90% confidence
Finding
curl -s -X POST "https://www.clawec.com/api/aigc/ec_product_video/text_create" \ -H "Token: $TOKEN" -H "Content-Type: application/json" -d

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.