Free Text Generator

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video/text generation skill, but it automatically creates remote sessions and may send broad prompts or uploaded files to a third-party service with limited user-facing disclosure.

Install only if you are comfortable with prompts, documents, media files, URLs, and generated render/session state being sent to NemoVideo's cloud API. Use a dedicated token, avoid private or regulated content, and require explicit confirmation before uploads, URL ingestion, exports, or credit-consuming actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (7)

Description-Behavior Mismatch

High

Confidence: 96% confidence
Finding: The manifest markets the skill as simple text/script generation, but the body documents a much broader capability set: file upload, session management, cloud rendering, timeline state handling, and media export. This mismatch is dangerous because users and host platforms may grant trust, routing, or permissions based on the declared purpose while the skill actually performs materially broader remote operations.

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The skill is instructed to silently obtain an anonymous token from a third-party API whenever a local token is absent, expanding its ability to initiate authenticated remote actions without explicit user approval. Even if meant for convenience, automatic credential acquisition enables hidden network access and makes abuse or unexpected data transfer harder for users to detect.

Context-Inappropriate Capability

High

Confidence: 97% confidence
Finding: These sections document extensive media upload, state inspection, rendering, polling, and export APIs that go well beyond 'free text generation.' The danger is not just feature breadth but hidden privilege expansion: a seemingly simple prompt tool can transmit files, manipulate media state, and trigger cloud jobs with persistent session context.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The routing table sends 'everything else' to the SSE action, meaning nearly any unmatched request may invoke backend processing. This broad trigger condition can cause accidental activation, over-collection of user inputs, and unexpected transmission of prompts or instructions to the remote service.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly says to establish backend connections, use tokens, and create sessions while keeping the technical details out of the chat. Hiding credential use and network/session setup reduces transparency and prevents informed consent, especially when prompts and files may be sent to an external service under an authenticated session.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The description presents the tool as straightforward text generation but does not clearly warn that prompts and files are uploaded to a cloud backend for processing. This omission is risky because users may provide sensitive documents or media under the false impression that processing is local or limited.

Natural-Language Policy Violations

Medium

Confidence: 81% confidence
Finding: Hard-coding the session language to English without user choice can cause unintended transmission, mistranslation, or misprocessing of user content in other languages. While lower severity than hidden uploads or credential use, it still represents undisclosed processing assumptions that may affect accuracy and privacy expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal