OpenSubtitles Read-only

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenSubtitles integration for searching, downloading, and reading subtitle context, with credential use limited to the expected API workflow.

Install this only if you want an agent to contact OpenSubtitles and, when needed, use your OpenSubtitles credentials or token to request subtitle download links. Treat the API key, password, and token as secrets, and prefer approving login or download actions explicitly because they may affect account quota.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill is presented as read-only subtitle context retrieval, but the script exposes authenticated login and download-link functionality. This expands the capability surface beyond the declared purpose, increasing the chance that credentials and account-scoped actions are used in contexts where only anonymous search should be allowed.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The script requires username/password login for functionality unrelated to the stated spoiler-safe context lookup purpose. Collecting and transmitting account credentials introduces unnecessary secret-handling risk and broadens what an agent can do if prompted or misused.

VirusTotal

64/64 vendors flagged this skill as clean.
