Back to skill

Security audit

Video Generation (t2v & i2v)

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it needs review because it automatically sends selected local images to third-party image hosts and broadly loads local environment secrets.

Install only if you are comfortable sending prompts and selected images to third-party services. Avoid private, regulated, or proprietary images unless public hosting is acceptable, and run the skill from a dedicated folder with a minimal .env containing only the keys needed for this workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation directs use of shell commands, local file access, environment variables, and outbound network services, but no corresponding permissions are declared. This creates a transparency and policy gap: users and the host system cannot accurately assess or constrain what the skill is allowed to do, increasing the chance of unintended data access or exfiltration.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill loads environment variables from both default .env locations and an arbitrary user-supplied --env-file, which gives it access to secrets unrelated to video generation. In an agent setting, broad credential-loading capability increases the blast radius if the skill, dependency, or downstream service mishandles environment data or if an attacker influences which file is loaded.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly advertises that local images are automatically uploaded to cloud storage for image-to-video generation, but it does not clearly warn users that local files will leave their machine or describe the privacy implications. In a media-generation skill, users may supply personal, confidential, or copyrighted images, so silent or poorly disclosed transmission to third-party infrastructure creates a real risk of unintended data exposure.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation description is very broad and overlaps with common requests such as 'video creation' or 'animate image,' which can cause the skill to trigger in contexts the user did not intend. Because this skill can access files, shell commands, network services, and third-party APIs, overbroad routing raises the risk of unnecessary data handling and external transmission.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script uploads the user-supplied image to a third-party hosting service before video generation, which transmits potentially sensitive local file contents outside the user's environment. There is no explicit user-facing disclosure or confirmation at the point of transmission, so users may unknowingly expose private images to external services and their retention policies.

External Transmission

Medium
Category
Data Exfiltration
Content
2. Generate video using the image URL
3. Download and save locally

**IMPORTANT**: For ImgBB, you must provide an API token via `--api-token` or set `IMGBB_API_KEY` environment variable. Get your free API key at https://api.imgbb.com/

Output JSON example:
Confidence
93% confidence
Finding
https://api.imgbb.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.