Back to skill

Security audit

Douyin Transcriber

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local transcription skill, with normal privacy and Docker trust considerations for processing media files.

Before installing, confirm you trust the Whisper ASR Docker image, consider pinning a version or digest, keep the service bound to localhost, and only submit media files you intentionally want transcribed. Stop or remove the container when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation condition is overly broad because it says the skill should be used for 'any media file,' which can cause agents to route unrelated or sensitive media into this transcription workflow without sufficient user awareness or scope checking. In a skill that uploads files to a local HTTP ASR service and performs file conversion, over-broad matching increases the chance of unintended handling of private content and unsafe automation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs users to POST media files to a local HTTP ASR endpoint but does not warn that the full contents of the audio/video are transmitted to another service for processing. This omission is security-relevant because users or downstream agents may assume processing is purely local within the current tool context, leading to unintentional disclosure of sensitive recordings or embedded data.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.