Security audit

myreels-storyboard

Security checks across malware telemetry and agentic risk

Overview

This is a storyboard-planning skill with disclosed local project files and a separate generation handoff, with no executable code or hidden data transfer found.

Install only if you want a structured storyboard workspace. Choose the output folder deliberately, avoid using confidential scripts unless you are comfortable with local drafts and generation metadata being saved, and review the separate myreels-api skill before sending approved CSVs for image or video generation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High, 96% confidence
Finding
The skill metadata says it only handles storyboard planning and should hand off actual generation to `myreels-api`, but the body directs the skill to create generation workspaces, persist request payloads, task snapshots, metadata, and generated media artifacts. This scope drift is dangerous because users and orchestrators may trust the skill as planning-only while it performs side-effecting file operations and potentially participates in generation workflows with stored sensitive prompts, paths, and URLs.

Description-Behavior Mismatch

Medium, 90% confidence
Finding
The output section advertises character reference images and storyboard image URLs as outputs of this skill, which contradicts the stated boundary that image/video generation belongs to `myreels-api`. This mismatch can mislead users, policy engines, or tool routers into granting broader trust or permissions than intended, increasing the chance of unauthorized generation-adjacent actions or confusing cross-skill responsibility.

Missing User Warnings

Medium, 97% confidence
Finding
The skill instructs automatic creation of a project workspace and ongoing file persistence in the current working directory or requested directory without a clear upfront warning or consent checkpoint. Unprompted local writes can leak sensitive story content, clutter user environments, and create unauthorized persistent artifacts, especially if the skill triggers broadly or runs in shared workspaces.

Missing User Warnings

Medium, 92% confidence
Finding
The template instructs the skill to persist extensive local project artifacts, including prompts, request payloads, task IDs, timestamps, URLs, and local output paths, but it does not require user notice, consent, retention limits, or redaction. In a storyboard tool, these records can contain sensitive creative material, personal data, account-linked identifiers, and downstream service metadata, so silent persistence creates a real privacy and data-handling risk even if it is not directly exploitable as code execution.

VirusTotal

65/65 vendors flagged this skill as clean.
