Back to skill

Security audit

Wjs Dubbing Video

Security checks across malware telemetry and agentic risk

Overview

The skill’s video dubbing purpose is coherent, but it uses broad local secret loading and sends subtitle text to a remote TTS service without clear user-facing consent or scoping.

Install only if you are comfortable with subtitle text being sent to an external TTS provider and with the skill accessing local credentials. Prefer using a dedicated minimal .env containing only the required TTS keys, review subtitles for sensitive content first, and confirm before running any dubbing command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad phrases like "voice over this" and "dub the video," which can appear in ordinary conversation and cause unintended routing. Misrouting is risky here because this skill can read local files, source credentials, invoke shell tools, and contact external services, so accidental activation can lead to unnecessary data processing or transmission.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The when-to-use guidance repeats vague everyday phrases like "dub it" and "voice over," further increasing the chance of unintended invocation. In this context, accidental invocation is more dangerous than in a purely local formatting skill because it can trigger external API usage and secret-loading behavior.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs sourcing ~/code/.env into the session, which can expose all environment secrets to subsequent commands and the agent context, without any warning, scoping, or least-privilege handling. Because the skill also performs network operations, this increases the risk of inadvertent secret disclosure or misuse beyond the intended TTS credentials.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script sends subtitle text to an external TTS provider and authenticates with environment-sourced credentials, but there is no runtime consent prompt, privacy notice, or explicit gating before transmitting potentially sensitive subtitle content off-host. In an agent skill context, this is more dangerous because users may provide private videos/subtitles and reasonably assume local processing unless remote disclosure is clearly surfaced.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.