Upload Video Compressor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent markdown-only video compression skill with no executable code or hidden data access, though users should preserve originals before compressing.

Safe to install for ordinary video-compression guidance. Before using it on valuable media, keep the original video unchanged, write compressed outputs to a new filename, and confirm before replacing any existing file.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The skill instructs users to compress source videos and return an upload-ready output, but it does not explicitly warn that compression creates new files, may overwrite outputs depending on implementation, and can irreversibly reduce quality if originals are replaced. In a media-processing skill this is a real safety/usability weakness because users may lose high-quality source material or unintentionally accept destructive changes without preserving the original.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal