4k Subtitle Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly harmful, but it needs review because it uploads media to a remote service, auto-creates backend sessions, and makes broader or inconsistent claims than a simple 4K subtitle tool.

Review before installing. Use it only for media you are comfortable uploading to nemovideo.ai, verify the actual export resolution before relying on it for 4K work, and avoid using it for sensitive videos unless you accept the remote processing, token/session creation, and credit/subscription behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (6)

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: The skill is presented as a narrow 4K subtitle generator, but the instructions expose a much broader remote video-editing capability including timeline edits, overlays, audio manipulation, and export orchestration. This creates a scope mismatch that can mislead users and calling agents about what actions and data flows are actually permitted, increasing the risk of unintended remote processing and overbroad use.

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The skill markets itself as producing 4K outputs, but its own pipeline documentation says exports are compressed up to 1080x1920, which is materially inconsistent. This is a deceptive capability claim that can cause users to upload sensitive or high-value media under false assumptions about output quality and processing guarantees.

Context-Inappropriate Capability

Low

Confidence: 83% confidence
Finding: The skill instructs the agent to detect the local install path and derive a platform fingerprint for attribution headers, which is unrelated to the core subtitle-generation task. Even though the data is limited, collecting environment details without necessity or explicit disclosure expands fingerprinting surface and weakens user privacy.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The routing table sends all prompts not matching a narrow set of keywords to the generic SSE editing path, effectively granting broad remote action handling by default. In a skill that can upload media and mutate remote session state, this catch-all behavior increases the chance of unintended operations from ambiguous user input.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill says user video files are sent to remote GPU nodes for processing but does not provide a clear privacy or data-transmission warning in its description. Users may disclose sensitive video, audio, or metadata without understanding that content is uploaded to third-party infrastructure.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill directs the agent to connect to the backend automatically on first open, including token acquisition and session creation, without meaningful user warning or consent. This can trigger network access, account/session creation, and remote identifier generation before the user has agreed to external communication.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal