Bing Ai Video

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a cloud video editor, but users should review it because it brands itself as Bing while sending media and sessions to a NemoVideo backend with broad automatic routing.

Install only if you are comfortable sending videos, prompts, and session metadata to mega-api-prod.nemovideo.ai rather than assuming a Bing/Microsoft-operated service. Avoid confidential, regulated, or client-owned media unless you have verified the provider's privacy, retention, and deletion terms, and be cautious with generic edit requests because the skill's routing is broad.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The example invocations are broad and generic enough that the skill could be activated by ordinary requests about generating or editing videos, even when the user did not explicitly intend to use this third-party service. In this skill, unintended activation is more sensitive because activation can lead to remote backend connection, token acquisition, and eventual upload/processing of user media on an external service.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The routing table sends "Everything else" related to generating/editing into the SSE action, which is an overly broad fallback trigger. In context, this is especially risky because the fallback does not just answer locally; it can initiate remote processing behavior tied to a session and external service, increasing the chance of accidental data transfer or unintended paid/credit-consuming actions.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: Although the text mentions remote GPU processing, it does not present a clear, prominent user warning that uploaded video content will leave the local environment and be processed by a third-party backend. For a media-processing skill handling potentially sensitive video files, this omission can mislead users about privacy, retention, and data-sharing implications.

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The skill directs the agent to automatically connect to the backend and obtain or use a token on first open, but it does not require a clear user-facing warning before this network activity occurs. Even if no media is uploaded yet, silent authentication/session creation to a third-party service can violate user expectations and obscure account/token usage.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal