video-frame-extraction

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward video frame extraction skill, with the main practical risk being that it can create many image files if used on large videos.

Install only if you need local video frame extraction. Use a dedicated empty output directory, check available disk space first, and avoid reusing an output folder unless you are comfortable with frame filename collisions or overwrites.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill performs filesystem writes and can generate a very large number of image files, but it does not prominently warn users about disk consumption, directory pollution, or possible overwriting/material modification of an existing output location. In an agent setting, this omission can lead to unintended data loss, exhaustion of storage, or cluttering sensitive directories when the output path is user-supplied or inferred automatically.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal