Security audit

seedance2-script-create-yima

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only advertising prompt skill with no system access, but its compliance templates should not be treated as legal review.

Use this as a drafting aid only. Before publishing ads, especially for health, finance, real estate, maternity, food, or cosmetics, have a qualified reviewer check all claims, required disclosures, and local platform rules. Non-Chinese users should translate and verify the instructions before relying on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (20)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The template contains internally conflicting instructions: it forbids text, subtitles, and logos while also requiring brand display, purchase guidance, and compliance disclosures. This can cause downstream generators or operators to omit legally required disclosures or brand/compliance elements, creating a meaningful risk of non-compliant advertising output.

Intent-Code Divergence

Low
Confidence
77% confidence
Finding
The template asserts that 15 seconds is sufficient for complete compliance information while also allocating time to multiple product, branding, and CTA segments. This can pressure creators to compress, rush, or effectively hide disclosures, increasing the chance of misleading or non-compliant ads.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The template contains internally conflicting instructions: it forbids text, subtitles, logos, and watermarks in generated output, but elsewhere requires brand presentation, purchase guidance, and compliance markings. This can cause downstream agents or generators to omit legally required disclosures or brand elements, producing non-compliant or misleading ads depending on which instruction is followed.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The document states that complete compliance information must be included, yet the video prompt forbids any text or subtitles. In an advertising workflow, this conflict can directly lead to omission of mandatory consumer disclosures, increasing legal, regulatory, and consumer-deception risk if the generated ad is published.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The template contains contradictory instructions: it prohibits LOGOs in generated output while also requiring brand reinforcement, brand identity display, and even LOGO-focused CTA examples. This inconsistency can cause downstream agents or generators to ignore either branding restrictions or compliance constraints, leading to non-compliant advertising assets and unreliable safety behavior.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The template requires '完整合规标注' and full disclaimers while also forbidding any text or subtitles in the generated video prompt. For ad generation, compliance disclosures are often text-based, so this contradiction can produce outputs that omit legally required disclosures or encourage systems to suppress them, creating regulatory and consumer-protection risk.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The template bans any text/subtitles while also mandating disclaimers, compliance labels, and purchase guidance, which for FMCG advertising are often legally required to be shown in readable text. This inconsistency can lead systems to generate ads missing mandatory disclosures or calls to action, exposing users to regulatory, consumer-protection, and false-advertising risk.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The template bans any text/subtitles while also mandating disclaimers, compliance labels, and purchase guidance, which for FMCG advertising are often legally required to be shown in readable text. This inconsistency can lead systems to generate ads missing mandatory disclosures or calls to action, exposing users to regulatory, consumer-protection, and false-advertising risk.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The template presents itself as compliance-checked and 'fully compliant,' yet later includes example effect language such as '快速恢复,肌肉增长明显' and '运动表现提升,恢复时间缩短,' which can be interpreted as efficacy claims restricted in health-product advertising. This mismatch is dangerous because downstream agents or users may trust the compliance label and generate legally noncompliant or misleading ad copy for regulated products.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The template simultaneously forbids any text/subtitles and requires mandatory compliance disclosures to be visibly displayed, creating contradictory instructions. In a regulated health-ad context, this can cause generators to omit legally required disclaimers or produce outputs that cannot satisfy both constraints, increasing the risk of unlawful or deceptive advertising artifacts being created at scale.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The template presents itself as compliance-aware, but its prompts and parameter examples encourage regulated health-advertising claims such as disease prevention, symptom relief, immunity improvement, clinical validation, expert certification, and doctor recommendation. In a health-product ad generation skill, this can directly lead downstream agents or users to produce misleading or unlawful medical/health marketing content despite nominal disclaimers.

Intent-Code Divergence

Low
Confidence
90% confidence
Finding
The template simultaneously requires brand display, purchase guidance, and compliance labeling while also instructing generators to prohibit any text, subtitles, LOGO, or watermark. This contradiction can cause the model to omit required disclosures or branding, increasing the chance of non-compliant advertising output and reducing auditability of required health disclaimers.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The template contains contradictory instructions: it bans text, subtitles, logos, and watermarks in the generation prompt while separately requiring brand display and compliance labels such as age ranges, warnings, and ad markings. This can cause downstream generators or agents to omit legally required disclosures or brand identifiers, creating compliance and consumer-protection risk, especially for regulated maternity/baby product advertising.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The template contains contradictory instructions: it forbids any text, subtitles, LOGO, and watermarks in generated output, yet elsewhere requires brand display and compliance labeling. In a real-estate advertising context, this can cause downstream agents or generators to omit legally required disclosures or branding, creating compliance, misrepresentation, and review bypass risks.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The second prompt repeats the same conflict by prohibiting any text, subtitles, LOGO, and watermarks while the document requires clear consultation guidance, brand presentation, and compliance markings. This inconsistency can lead automated content generation systems to suppress mandated disclosures, increasing legal and consumer-deception risk in regulated marketing content.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The README says that simply describing a product in Claude Code will trigger the skill, which is broad enough to match many ordinary advertising-related user requests. In an agentic environment, overly broad triggers can cause the skill to activate unintentionally, injecting hidden behavior or constraints into normal conversations without clear user consent.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The skill is configured to auto-activate for a broad set of commercial or marketing-related topics, which can cause it to take over conversations where the user did not explicitly request ad-video generation. In an agent setting, this can misroute tasks, suppress user intent, and cause unintended generation of promotional content or compliance-framed outputs in unrelated contexts.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The keyword trigger list contains broad phrases like marketing, promotion, or product-related video requests without disambiguation, making accidental activation likely. This is dangerous because the skill may override normal assistant behavior and steer benign discussion into a specialized workflow the user did not ask for.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The skill content is entirely in Chinese and does not offer any language selection, translation, or explicit opt-in, which can cause users to misunderstand constraints, compliance notes, and safety-related instructions. In an agent setting, this creates a real risk of misuse or incorrect execution because users who cannot read Chinese may still invoke the skill and rely on output they do not fully understand.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This beauty-ad template encourages before/after comparisons, effect claims, and purchase guidance, but only references compliance in abstract terms without concrete safeguards against exaggerated efficacy, medical-style claims, or misleading comparative results. In the beauty/FMCG context, that makes unsafe or unlawful marketing outputs more likely, especially when users supply aggressive product-benefit parameters.

VirusTotal

65/65 vendors flagged this skill as clean.
