Back to skill

Security audit

Video Metadata Intelligence System

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed video-analysis skill whose main risk is privacy exposure when video frames, audio, transcripts, or generated observations are sent to configured LLM services or another agent.

Install only if you are comfortable processing the selected videos with this workflow. For private, regulated, or confidential videos, prefer local processing and avoid API modes unless you trust the configured endpoint and its retention policy. Review agent-mode prompt output before passing it to another agent or publishing pipeline.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation describes capabilities to read and write files, invoke shell tools like ffmpeg/python/bash, and send media content to external LLM endpoints, but it does not declare any explicit permissions or capability boundaries. This creates a real security gap because operators and policy engines cannot accurately assess or constrain what the skill can access, especially given that it may process sensitive video, audio, transcripts, and metadata and transmit them off-host.

Ssd 3

Medium
Confidence
93% confidence
Finding
In agent mode, the script writes a prompt containing the full visual and audio observations and instructs another agent to read them and generate metadata. Those observations can contain sensitive transcript text, names, faces/OCR text, or other personal data, and forwarding them wholesale to another agent expands exposure and can cause unnecessary disclosure in downstream outputs or logs.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.