Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
pydub>=0.25.1 librosa>=0.10.0 soundfile>=0.12.1 mutagen>=1.47.0
- Confidence
- 93% confidence
- Finding
- pydub>=0.25.1
Audio Processor
Security checks across malware telemetry and agentic risk
Overview
This is a normal local audio-processing skill, with predictable file-write and dependency hygiene risks but no evidence of hidden or malicious behavior.
Install only if you are comfortable letting it read local audio files and write processed outputs. Use a dedicated working folder, avoid pointing outputs at important existing files, and consider pinning dependencies or using a lockfile in stricter environments.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (9)
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
pydub>=0.25.1 librosa>=0.10.0 soundfile>=0.12.1 mutagen>=1.47.0 numpy>=1.24.0
- Confidence
- 93% confidence
- Finding
- librosa>=0.10.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
pydub>=0.25.1 librosa>=0.10.0 soundfile>=0.12.1 mutagen>=1.47.0 numpy>=1.24.0 matplotlib>=3.7.0
- Confidence
- 93% confidence
- Finding
- soundfile>=0.12.1
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
pydub>=0.25.1 librosa>=0.10.0 soundfile>=0.12.1 mutagen>=1.47.0 numpy>=1.24.0 matplotlib>=3.7.0 noisereduce>=3.0.0
- Confidence
- 93% confidence
- Finding
- mutagen>=1.47.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
librosa>=0.10.0 soundfile>=0.12.1 mutagen>=1.47.0 numpy>=1.24.0 matplotlib>=3.7.0 noisereduce>=3.0.0 scipy>=1.10.0
- Confidence
- 95% confidence
- Finding
- numpy>=1.24.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
soundfile>=0.12.1 mutagen>=1.47.0 numpy>=1.24.0 matplotlib>=3.7.0 noisereduce>=3.0.0 scipy>=1.10.0 ffmpeg-python>=0.2.0
- Confidence
- 93% confidence
- Finding
- matplotlib>=3.7.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
mutagen>=1.47.0 numpy>=1.24.0 matplotlib>=3.7.0 noisereduce>=3.0.0 scipy>=1.10.0 ffmpeg-python>=0.2.0
- Confidence
- 93% confidence
- Finding
- noisereduce>=3.0.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
numpy>=1.24.0 matplotlib>=3.7.0 noisereduce>=3.0.0 scipy>=1.10.0 ffmpeg-python>=0.2.0
- Confidence
- 95% confidence
- Finding
- scipy>=1.10.0
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
matplotlib>=3.7.0 noisereduce>=3.0.0 scipy>=1.10.0 ffmpeg-python>=0.2.0
- Confidence
- 94% confidence
- Finding
- ffmpeg-python>=0.2.0
VirusTotal
66/66 vendors flagged this skill as clean.