Back to skill

Security audit

Seedance2.5 Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for an external AI video/image generation service, with no evidence of hidden persistence, local data harvesting, or destructive behavior.

Install only if you are comfortable sending prompts, public image URLs, and account queries to the AI Director service and using paid credits through its API key. Avoid submitting private images or sensitive prompts unless you accept third-party processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill declares use of environment variables and remote network access to an external API, but does not declare explicit permissions for those capabilities. This creates a trust and review gap: users or platforms may not realize the skill can transmit prompts, image URLs, and account-linked requests to a third-party service.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger description includes broad everyday phrases such as generating videos/images and checking balance/works, which can cause the skill to activate in contexts the user did not clearly intend. Mis-triggering can lead to unnecessary external API calls, accidental disclosure of user content, or unintended paid actions that consume credits.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill accepts external image URLs and sends prompts/content to a remote AI service, but the documentation does not clearly warn users that their data will leave the local environment. This is a privacy and consent issue because users may provide personal images or sensitive prompts without understanding they are being transmitted to a third party.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
scripts/generate.py:32