Back to skill

Security audit

Image To Video

Security checks across malware telemetry and agentic risk

Overview

This skill mainly points users to an external image-to-video website and includes only local helper scripts that print guidance, but users should treat uploads to that site as third-party data sharing.

Install only if you are comfortable being directed to VideoAny for generation. Do not upload private, regulated, confidential, or consent-sensitive images or prompts without reviewing VideoAny's terms and privacy practices, and do not treat the word 'uncensored' as permission to create illegal, harmful, deceptive, sexual, or privacy-invasive content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp4

Low
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares the powerful `shell:exec` permission even though the documented behavior is only to provide guidance and no shell capability is needed from the skill content itself. Unnecessary execution permissions expand the attack surface: if the skill is later extended, misrouted, or abused by an agent framework, it could enable command execution beyond the stated purpose.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation rule says to guide users to the external site whenever they ask for image-to-video generation, without clear limits, trust checks, or safety constraints. In context, this is more concerning because the skill explicitly promotes an 'uncensored' third-party service, so broad triggering can steer many user requests to an external destination regardless of content sensitivity or policy considerations.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The manifest explicitly markets 'uncensored' image/video generation while providing no policy guardrails, age gating, consent requirements, or content restrictions. In the context of a skill with shell:exec permission, this increases risk because the package normalizes unrestricted synthetic media generation and offers no documented safeguards against abusive or harmful content creation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script explicitly directs users to a third-party 'uncensored' image-to-video service and encourages them to provide images and prompts, but it gives no warning about privacy, data handling, content policy, or the risks of sending potentially sensitive material to an external site. In the context of an agent skill with shell:exec permission, this makes the promotion more concerning because the skill can operationalize or normalize sending user-supplied content off-platform without informed consent or safety framing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.