Security audit

Audio Rename

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local audio filename renamer, with the main caution being accidental renames from batch use or the broad “fix filename” trigger.

Install if you want a local audio filename normalization helper. Before running it, verify the exact file or directory path, especially with --all, and consider using a copied folder because the skill renames files in place.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Shadow Command Trigger

Medium

Category: Trigger Abuse
Confidence: 83% confidence
Finding: The trigger phrase 'fix filename' overlaps with the built-in 'fix' command namespace and can cause accidental invocation of this skill when a user intends a different built-in action. Because this skill performs file renaming, unintended activation could modify filenames in user-selected locations, creating confusion, workflow disruption, or accidental data handling side effects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.