Sora 2

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward helper for PoYo's Sora 2 API; its external API use and credential requirement are disclosed and consistent with its video-generation purpose.

Install this only if you intend to use PoYo's API. Keep POYO_API_KEY private, prefer using it from the environment rather than passing it as a command argument, review JSON payloads before submission, and avoid sending sensitive prompts or private image URLs unless you are comfortable sharing them with PoYo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill advertises and instructs shell-based execution via `curl` and `scripts/submit_sora_2.sh`, while the static finding indicates no declared permissions for shell capability. This creates a permission-model gap: an agent may invoke shell/network operations without explicit user-visible declaration, increasing the risk of unintended command execution or data exfiltration through the shell path.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding: The reference documents sending user prompts, image URLs, and optionally callback destinations to a third-party service, but it does not present a clear upfront privacy/disclosure warning before describing usage. In an agent skill context, users may provide sensitive text or media without realizing it will be transmitted externally, creating data exposure and consent risks.

VirusTotal

62/62 vendors flagged this skill as clean.
