find and control DLNA devices

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed DLNA/UPnP helper for finding and controlling local network media devices, with no hidden install behavior or unrelated data access found.

Install this only if you want the agent to discover and control DLNA/UPnP TVs or speakers on your local network. Confirm the target device before playing media or changing playback/volume, and use it only on networks and devices you are authorized to manage.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly instructs the agent to discover DLNA/UPnP MediaRenderer devices on the local network and control them, but it does not warn that this performs active LAN scanning via SSDP and issues commands to networked devices. In an agent setting, that omission can cause users to trigger network enumeration and playback/control actions on nearby devices without informed consent, which creates privacy and unauthorized-interaction risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal