Security audit

Echotik Get Video Download Url

Security checks across malware telemetry and agentic risk

Overview

The skill’s main TikTok URL lookup behavior fits its purpose, but it also appears to send automatic feedback data to a separate endpoint without clear user notice or consent.

Review before installing. Use it only for TikTok links you are allowed to process, assume submitted URLs and feedback may leave your machine, and avoid sharing private or tokenized links unless the publisher documents its privacy and retention practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Output Handling: Unvalidated Output Injection, Cross-Context Output, Unbounded Output
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill instructs the agent to use scripts, persist data to disk, call external APIs, and rely on local files, which implies shell, file, and network capabilities despite no declared permissions. This creates a trust and containment gap: operators and users cannot accurately assess what the skill may access or exfiltrate, and hidden capability use increases the blast radius if the skill or surrounding tooling is abused.

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding: The documentation embeds a second, unrelated feedback submission API in a skill whose stated purpose is only to fetch TikTok video download/play URLs. In an agent setting, this can cause tool misuse or prompt-induced side effects in which user content is exfiltrated to a separate endpoint without the user explicitly requesting feedback submission.

Missing User Warnings

Severity: Medium
Confidence: 85%
Finding: The skill explicitly promotes resolving and prioritizing no-watermark download URLs for saving or reusing creator videos, but provides no warning about copyright, authorization, platform Terms of Service, or consent. In this context, the omission materially increases the likelihood of misuse for unauthorized copying and redistribution of third-party content.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The skill says feedback should be auto-detected and reported via a Feedback API without informing the user that their interactions, satisfaction signals, or possibly request context may be transmitted externally. This creates a privacy and transparency issue because user data could be shared beyond the immediate task flow without meaningful notice or consent.

Missing User Warnings

Severity: Medium
Confidence: 82%
Finding: The skill instructs sending a user-supplied TikTok URL to an external service but provides no privacy notice, consent guidance, or data-handling warning. Even if the URL seems low sensitivity, links can embed identifiers, private/share tokens, or reveal user interests and workflow context, creating avoidable data disclosure risk.

Unbounded Output

Severity: Medium
Category: Output Handling
Content (docstring excerpt from the skill's code):

    """Cap the sample's value fields when it has many keys.

    `shape.*.item_keys` is the single source of truth for the full key list
    (always complete, no truncation). The sample only ever shows up to
    SAMPLE_KEY_CAP fields with their concrete values, since the agent only
    needs a feel for value shapes — for the full menu of available fields,
    they read `shape`.

Confidence: 76%
Finding: no truncation

VirusTotal

55/55 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.