Flova Video Generator

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Flova video-generation skill, but it gives an assistant broad account, file-transfer, and credit-affecting authority with weak user-control boundaries.

Install only if you intend to let an assistant operate your Flova account. Store FLOVA_API_TOKEN through an environment variable or secret manager, not ordinary chat. Before use, require confirmation for project creation, file uploads, exports/downloads, subscription or credit checkout, and any step that may consume credits or send sensitive media to Flova.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README advertises capabilities such as file upload, video export/download, and subscription or credit purchases without clearly warning that these actions may transfer user data to a third-party service or incur charges. In an agent-skill context, this increases the risk that an assistant may perform privacy-sensitive or billable operations without sufficiently explicit user awareness or confirmation.

Missing User Warnings

High

Confidence: 95% confidence
Finding: The README explicitly tells users they can send their Flova API token directly to the AI assistant, which encourages unsafe handling of a bearer credential. In the context of an agent skill that may route data through third-party models, logs, toolchains, or hosted runtimes, this materially increases the chance of credential leakage, unauthorized API use, account abuse, and billing impact.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README explicitly advertises capabilities for file upload, export/download, subscription management, and credit purchases, but it does not warn users that these actions may transfer potentially sensitive data to a third-party service or trigger billable operations. In an agent skill context, omission of consent and billing warnings increases the risk that an autonomous or semi-autonomous assistant performs privacy-impacting or costly actions without clear user awareness.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger description is broad enough to invoke this skill for many generic mentions of AI video tools, pricing, or video generation topics, causing unnecessary activation and data flow to an external service. In an agent environment, overbroad routing can expose user prompts and attachments to third-party APIs when the user may only be asking general questions or comparisons.

External Transmission

Medium

Category: Data Exfiltration
Content: - FLOVA_API_TOKEN primaryEnv: FLOVA_API_TOKEN bins: - curl emoji: "🎬" homepage: "https://www.flova.ai" skillKey: "flova"
Confidence: 95% confidence
Finding: curl emoji: "🎬" homepage: "https://www.flova.ai" skillKey: "flova" --- # Flova Video Generator ## Configuration ### Version Check On every invocation, fetch `${VERSION_URL}` (timeout 2

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: 3. Stop when latest message status is `complete` or awaiting user input. 4. If the Flova agent asks for confirmation, surface it to the user, wait for their reply, then forward via `/chat`. **Fully-managed mode:** When the user's requested video length is ≤ 1 minute, drive the `/chat` -> poll -> `/chat` loop autonomously. Auto-confirm safe questions (style, music, layout) via `/chat`. Only surface decisions with real consequences (payment, content warning) to the user. ### Phase 3 -- Export & Delivery
Confidence: 88% confidence
Finding: Auto-confirm

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal