Brand Video Maker Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, instruction-only video editing skill, but users should only use it on media and brand assets they are authorized to modify.

Install only if you intend to use AI video editing tools for content you own or have permission to modify. Confirm rights to the source footage and brand assets, disclose materially altered advertising or influencer content where required, and review the privacy terms of any external AI providers used for processing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly enables logo, packaging, and text replacement in existing videos, which can facilitate deceptive advertising, trademark infringement, passing off, or unauthorized alteration of third-party media. Because the description presents these capabilities as normal use cases without any warning, authorization requirement, or lawful-use boundary, it lowers friction for misuse and increases the chance of harmful or non-compliant deployment.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal