Back to skill

Security audit

PPT 转视频 PPT to Video

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform legitimate document-to-video work, but its declared PPT-focused purpose is narrower than the file types and backend it actually describes using.

Install only if you are comfortable with a general document-to-video service, not just PPT-to-video. Treat uploaded files as shared with the external conversion provider, avoid sensitive documents unless the provider terms fit your needs, and confirm the exact file types and destination service before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill metadata presents a narrowly scoped PPT/PowerPoint/Keynote-to-video capability, but the body expands scope to Word, Excel, PDF, and generic document-to-video behavior. This mismatch can cause users or orchestrators to invoke the skill under false assumptions, increasing the chance that unintended file types are uploaded to a third-party service and processed by a broader backend template than expected.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The documentation claims a PPT-to-video skill, but the actual invocation uses the broader `file-to-video` template, creating a hidden capability expansion. In agent ecosystems, this kind of scope drift is security-relevant because routing, user consent, and policy decisions may be based on the declared skill purpose rather than the more permissive backend actually invoked.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill metadata advertises a narrow PPT/PowerPoint/Keynote-to-video capability, but the body and invoked `file-to-video` template clearly broaden scope to arbitrary documents such as Word, Excel, and PDF. This mismatch can mislead operators about what data types will be uploaded to the third-party service, increasing the chance that users submit more sensitive files than intended under an inaccurate trust boundary.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger list contains broad natural-language phrases such as document-to-video and explainer-video terms that can match many unrelated requests. Overbroad activation increases the risk of accidental invocation, which in this skill is more significant because invocation can lead to uploading local files and sending prompts to external SaaS endpoints.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.