Audio Play
Security checks across malware telemetry and agentic risk
Overview
The skill’s audio-playback purpose is clear, but it would run an absolute local Python file that is not included in the package, so the executable code is not reviewable here.
Install only if you can independently inspect and trust the exact audio_play.py file at the configured local path and any player configuration it uses. A safer version should package the executable script and reference it with a relative path inside the skill.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.