Back to skill

Security audit

Wjs Reframing Video

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do the advertised local video reframing, with a disclosed first-run MediaPipe model download users should be aware of.

Install only if you are comfortable with ffmpeg/ffprobe, the listed Python media packages, and a first-run download of the MediaPipe face model. For offline or stricter environments, pre-stage and verify the model yourself before use; otherwise run it only on videos you intentionally choose and review the generated MP4 and .crop.json outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The script silently downloads executable model content from the internet at runtime when the local model file is absent, despite presenting itself as a local video-processing tool. This expands the trust boundary to the network and remote storage service, creating supply-chain and privacy risks if the download is intercepted, replaced, or simply unexpected in restricted environments.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code makes an undeclared outbound network request to retrieve a MediaPipe model, which violates the expectation set by a local reframing utility and can matter in privacy-sensitive or air-gapped environments. Even if the source URL is legitimate, undisclosed network access increases operational and security risk because users may not realize the tool contacts third-party infrastructure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.