Back to skill

Security audit

Gemini STT

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it transcribes user-selected audio by sending it to Google Gemini or Vertex AI, with no evidence of hidden persistence, unrelated file access, or malicious behavior.

Install only if you are comfortable sending the audio files you choose to Google Gemini or Vertex AI under your API key or Google Cloud credentials. Do not use it for confidential, regulated, or third-party recordings unless your policy allows that cloud processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation describes and encourages use of environment variables, network access to Google endpoints, and shell commands, but it does not declare corresponding permissions. This creates a transparency and least-privilege problem: users or platforms may invoke the skill without realizing it can access credentials and transmit local audio data externally.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explains authentication setup and usage but does not clearly warn that supplied audio files are uploaded to Google Gemini or Vertex AI for processing. This is a privacy and data-handling issue because users may pass sensitive voice messages, believing transcription is local or not appreciating that third-party cloud services receive the content.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill uploads full audio contents to external Google services for transcription, but there is no explicit runtime warning or consent checkpoint about data leaving the local environment. In a transcription skill, network transmission is expected, yet this still creates privacy and compliance risk if users process sensitive recordings unknowingly.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.