Documentation Auto

Security checks across malware telemetry and agentic risk

Overview

This is a Gladia speech-to-text documentation skill with disclosed API-key use and no executable install behavior.

Install this if you want help integrating Gladia speech-to-text. Treat Gladia API keys and uploaded audio as sensitive, and invoke the skill for Gladia, transcription, audio/video processing, or audio-intelligence tasks rather than unrelated general requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill description explicitly positions itself as a 'general-purpose fallback' when other specialized skills do not match, which can cause over-selection for broad user requests and increase the chance that this external-service skill is invoked unnecessarily. That broad routing surface can lead to unintended disclosure of user data to a third-party transcription provider or bypass more constrained, purpose-built skills.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal