Video Captioning by ReelWords

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends a video URL to ReelWords for captioning and can download the rendered result.

Install only if you trust ReelWords with the videos or video URLs you submit. Keep REELWORDS_API_KEY private, avoid command-line secrets when possible, review API usage or credits, and choose output paths carefully because the helper writes the downloaded video to the path you provide.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill explicitly requires environment variables and network access in metadata, but no declared permissions model is presented to constrain or disclose those capabilities. In an agent environment, undeclared sensitive capabilities increase the chance of secret exposure or unexpected outbound requests because operators may not realize the skill can read an API key and transmit data externally.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The reference documents sending user-supplied video URLs and authenticated requests to a third-party API, plus retrieving rendered output via signed download URLs, but it provides no warning about external data transfer, retention, or privacy implications. In an agent skill, that omission is security-relevant because users may not realize their media and metadata are being transmitted off-platform to ReelWords and potentially to linked storage endpoints.

External Transmission

Medium
Category
Data Exfiltration
Content
#### 1) Create job

```bash
curl -sS https://api.reelwords.ai/api/v1/caption-jobs \
  -H "x-api-key: $REELWORDS_API_KEY" \
  -H "content-type: application/json" \
  -d '{
```
Confidence
82% confidence
Finding
curl -sS https://api.reelwords.ai/api/v1/caption-jobs \ -H "x-api-key: $REELWORDS_API_KEY" \ -H "content-type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
#### 1) Create job

```bash
curl -sS https://api.reelwords.ai/api/v1/caption-jobs \
  -H "x-api-key: $REELWORDS_API_KEY" \
  -H "content-type: application/json" \
  -d '{
```
Confidence
82% confidence
Finding
https://api.reelwords.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
Fallback (works in most tenants):

```bash
curl -L https://api.reelwords.ai/api/v1/caption-jobs/$JOB_ID/video \
  -H "x-api-key: $REELWORDS_API_KEY" \
  -o captioned.mp4
```
Confidence
84% confidence
Finding
https://api.reelwords.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
- `styleId` (string, required)
      - optional: `positionY`, `fontSize`, `mainColor`, `highlightColor`, `hookColor`, `highlightOpacity`, `highlightCornerRadius`, `highlightMode`, `highlightScale`, `fontFamily`, `styleClasses`

Example curl (from docs):

```bash
curl https://api.reelwords.ai/api/v1/caption-jobs \
```
Confidence
87% confidence
Finding
curl (from docs): ```bash curl https://api.reelwords.ai/api/v1/caption-jobs \ --request POST \ --header 'Content-Type: application/json' \ --header 'x-api-key: YOUR_SECRET_TOKEN' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
Example curl (download endpoint):

```bash
curl -i https://api.reelwords.ai/api/v1/caption-jobs/123e4567-e89b-12d3-a456-426614174000/video \
  --header 'x-api-key: YOUR_SECRET_TOKEN'
```
Confidence
85% confidence
Finding
https://api.reelwords.ai/

VirusTotal

64/64 vendors flagged this skill as clean.
