Back to skill

Security audit

Wan Image and Video Generation and Editting

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Wan/DashScope media-generation wrapper that sends user-provided prompts and selected media to Alibaba’s API.

Install only if you are comfortable sending prompts and selected images or media references to Alibaba DashScope for remote processing. Use a dedicated API key, monitor quota or billing, and avoid submitting sensitive, private, regulated, or unauthorized media.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation explicitly states that local image files are converted to base64 and sent to the model API, but it does not clearly warn users that local content leaves the device and is uploaded to a third-party service. This can lead to accidental exfiltration of sensitive images, embedded metadata, or proprietary material if users assume processing is local. The skill context makes this more significant because image-edit workflows naturally encourage users to supply personal local files.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The image-to-video examples allow a local image path and note that the script turns the local file into base64, but they still lack a direct warning that the file is sent off-host to an external model API. Users may provide private photos expecting local transformation, resulting in unintended disclosure to a remote service. Because first-frame images are often personal or sensitive, the skill context increases the privacy risk.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The image-edit path accepts local file paths, base64-encodes the file contents, and sends them along with the user's prompt to a remote third-party API, but the tool provides no explicit disclosure or confirmation that local content is being uploaded off-host. In an agent-skill context, this can cause unintentional transfer of sensitive images or embedded metadata, especially if users assume local processing.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The image-to-video command reads a local image file and transmits it to a remote service without a clear warning that local data leaves the system. In a skill environment, users may provide sensitive local media, creating privacy and data-governance risk even though the transfer is functionally intended.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.