Back to skill

Security audit

Yino.ai - Agent First AI Music Video Generator

Security checks across malware telemetry and agentic risk

Overview

This is a coherent yino.ai media-generation skill, but it gives broad activation rules and includes unsafe API-key handling that users should review before installing.

Install only if you trust yino.ai and the publisher with your prompts, uploaded media, generated outputs, and API usage. Before use, change the preflight check to a non-revealing presence check, never print the API key, and confirm when files or prompts will be sent to yino.ai.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The manifest description and trigger set are broad enough to activate this skill for generic media-generation requests beyond a narrowly scoped yino.ai integration. Overbroad routing can cause the agent to invoke external-networked tooling unexpectedly, increasing the chance of accidental data disclosure or use of the wrong skill for user intent.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase 'yino' is highly ambiguous because users may mention the brand or discuss it generally without intending to invoke this skill. That can lead to unintended activation of a tool-enabled skill that performs external HTTP calls using configured credentials.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to read and use the YINO_API_KEY directly and to proceed with authenticated external requests, but it does not require an explicit user-facing notice that a third-party service will be contacted using stored credentials. In an agent setting, that reduces transparency and can result in users unknowingly triggering paid actions or sending prompts/files to an external provider.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.