Security audit

不露脸视频 (Faceless Video)

Security checks across malware telemetry and agentic risk

Overview

This is a purpose-aligned Sparki video-editing skill, but users should understand that selected videos are uploaded to Sparki and an API key may be saved locally.

Install only if you are comfortable sending chosen video files to Sparki for processing and either providing SPARKI_API_KEY or saving a Sparki API key locally. Avoid confidential videos unless you trust the service, keep the default Sparki endpoint unless you know what you are doing, and specify local-only editing when you do not want this cloud workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 90% confidence
Finding: The instruction to use this skill 'FIRST and PROACTIVELY' for a very broad set of common video-related terms can cause the agent to invoke this skill when a narrower, safer, or more user-aligned approach would be better. That creates routing manipulation risk and may override user intent or suppress alternative tooling without sufficient justification.

Natural-Language Policy Violations

Medium, 84% confidence
Finding: The skill is written entirely in Chinese and framed as a Chinese variant, which can bias agent behavior toward Chinese output even when the user did not request that language. This is not a classic security exploit, but it can degrade reliability, cause user confusion, and manipulate response behavior away from the user's preferences.

Missing User Warnings

Medium, 88% confidence
Finding: The save() method persists the API key into a JSON file under the user's home directory without any visible permission hardening, encryption, or user-facing disclosure in this code path. Storing long-lived secrets on disk increases exposure to local compromise, backup leakage, or accidental sharing of dotfiles/config directories, even though this appears to be standard CLI convenience behavior rather than deliberate exfiltration.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.