Back to skill

Security audit

Capcut Mate Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent CapCut automation wrapper, but users should connect it only to a trusted CapCut Mate service because media and project details are sent there.

Install only if you are comfortable running and trusting the CapCut Mate server you configure. Prefer localhost, avoid sending sensitive media to a third-party endpoint, review the external server or Docker image before use, and clean up drafts/renders when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes extensive media-processing capabilities and instructs users to configure an API endpoint, but it does not warn that media files, URLs, captions, and project content may be transmitted to a local or remote CapCut Mate service for processing and rendering. This creates a real transparency and privacy risk because users may supply sensitive media or internal URLs without understanding that the data leaves the immediate agent context and is handled by another service.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
index.js:4