Back to skill

Security audit

Audio Analyze

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it says, but it needs review because its transcription helper can be abused through crafted inputs and it uploads user media to a third-party API.

Review before installing. Only use this skill with media you are allowed to send to Evolink/Gemini processing, avoid confidential or regulated recordings unless approved, and do not run the helper on untrusted filenames or option values until the script is patched to pass inputs safely.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (15)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill advertises use of environment variables, network access, and local file interaction, but declares no permissions. That creates a transparency and review gap: users and platforms cannot accurately assess that the skill sends data to a third-party API and may read or write local files, increasing the chance of unintended data exposure or over-privileged execution.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The documented purpose is audio transcription/analysis, but the detected behavior includes translating documentation and writing README.<lang>.md files. This mismatch is dangerous because it suggests hidden or undeclared functionality that can modify local project files unrelated to the user’s requested audio task, undermining trust and potentially enabling unauthorized file changes or exfiltration workflows under benign branding.

Description-Behavior Mismatch

High
Confidence
94% confidence
Finding
The file implements README translation and outbound API calls, which do not align with the advertised purpose of an audio transcription/analysis skill. This functionality mismatch increases supply-chain risk because users may install the skill expecting audio processing while it performs unrelated networked operations on repository content.

Context-Inappropriate Capability

High
Confidence
93% confidence
Finding
Including documentation translation capability in an audio-analysis skill expands the trust boundary without clear justification. Unnecessary capabilities increase the attack surface and make it harder for users to understand what data may be processed or sent externally.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The README explicitly promotes transcription and analysis of user audio/video through the Evolink/Gemini API, but it does not disclose that users' media content will be sent to a third-party service for processing. This creates a meaningful privacy and compliance risk because users may submit sensitive recordings without informed consent about external transmission, retention, or provider-side handling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README states that audio/video will be transcribed and analyzed using Gemini 3.1 Pro via Evolink.ai, but it does not clearly warn users that their media content will be uploaded to and processed by a third-party service. This can mislead users into sending sensitive recordings, meetings, or personal media off-device without informed consent, creating privacy, compliance, and data handling risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Le README indique l'usage d'une clé API EvoLink et d'un modèle distant, mais il n'avertit pas clairement que les fichiers audio/vidéo fournis seront envoyés à un service tiers pour transcription et analyse. Cette omission peut entraîner l'envoi involontaire de contenus sensibles, confidentiels ou réglementés vers une plateforme externe, avec des risques de confidentialité, de conformité et de fuite de données.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README instructs users to provide an external EvoLink API key and submit audio/video for transcription, but it does not clearly disclose that the media content will be sent to a third-party service for processing. This creates a real privacy and compliance risk because users may upload sensitive recordings, believing analysis is local or not fully understanding the data-sharing implications.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README encourages users to transcribe and analyze audio/video through the Evolink external API, but it does not clearly warn that uploaded media content may leave the local environment and be processed by a third party. Because audio/video frequently contains sensitive personal, business, or regulated data, omission of a privacy/data-sharing notice can lead users to disclose confidential content without informed consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README describes transcription and analysis features but does not clearly disclose that user audio/video content is transmitted to a third-party service (EvoLink/Gemini) for processing. This can mislead users into sending sensitive recordings under the assumption processing is local, creating privacy, confidentiality, and compliance risks, especially for enterprise or regulated data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README promotes transcription and analysis through the third-party Evolink.ai/Gemini service but does not clearly disclose that users' audio or video content will be sent off-device to an external API for processing. This can lead users to submit sensitive recordings without informed consent, creating privacy, confidentiality, and possible compliance risks, especially for business, personal, or regulated audio data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
README promotes transcription/analysis of audio and video through the EvoLink/Gemini external API, but it does not clearly warn users that potentially sensitive media content will be transmitted to a third-party service. For a skill specifically handling raw audio/video, this omission increases the risk of accidental disclosure of private conversations, biometric voice data, or regulated content because users may assume local-only processing.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README tells users to transcribe and analyze audio/video with a third-party service but does not clearly disclose that the media content will be sent off-device to EvoLink/Gemini infrastructure. This creates a privacy and consent risk because users may submit sensitive recordings, meetings, or personal media without realizing external processing and retention policies may apply.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script base64-encodes the entire local audio file and sends it to a third-party API, but it provides no explicit user-facing disclosure, consent step, or data-handling warning. Because audio may contain sensitive personal, business, or regulated information, silent transmission to an external service creates a real privacy and compliance risk in this skill context.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script transmits README contents to an external API without any notice, consent, or disclosure in the code path. Even though README files are often non-secret, repositories can contain internal or pre-release documentation, so silent external transmission creates a confidentiality and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.