Back to skill

Security audit

Veo 3 Video Gen (Gemini API)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it generates and stitches videos through Google Gemini/Veo, with the main user consideration being that prompts and optional images are sent to Google.

Install only if you are comfortable sending your prompts, segment prompts, base-style text, and any reference or last-frame images to Google Gemini/Veo. Use a restricted Gemini API key, prefer GEMINI_API_KEY over passing secrets on the command line, watch segment count for quota or billing, and choose output filenames carefully because existing files can be overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill advertises and invokes capabilities including environment-variable access, file read/write, network calls, and shell execution, but does not declare permissions or warn users accordingly. This creates a transparency and consent problem: users or orchestrators may run a skill with broader access than expected, increasing the chance of unintended data exposure, command execution, or filesystem modification.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends user-provided prompts and optional reference images to an external Google service, but the description does not clearly disclose this data flow or its privacy implications. Users may unknowingly transmit sensitive prompts, proprietary creative material, or internal images to a third party, which is especially risky because the skill encourages attaching reference-image files.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.