Security audit

Pexo AI Video Agent

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Pexo video-generation skill that sends prompts and selected media to Pexo using a user-provided API key.

Install only if you intend to use Pexo as an external video-generation service. Protect the Pexo API key, keep ~/.pexo/config private, verify PEXO_BASE_URL is the real Pexo endpoint, and upload only media and prompt content you are comfortable sending to Pexo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding:
This script requests a server-generated upload URL and then performs a PUT of an arbitrary local file to that remote destination. In isolation, that is a data exfiltration primitive: any caller able to invoke the script can transmit local files off-host, and the file path is fully user-controlled. The lack of broader skill context or stated business purpose makes this more suspicious rather than less, even if the likely intent is legitimate asset upload functionality.

Vague Triggers

Medium
Confidence: 94%
Finding:
The skill description contains very broad invocation triggers such as 'any video creation task' and multiple generic social-media/video phrases. This can cause the agent to invoke the skill in loosely related contexts and route user prompts, files, or business content to an external service without sufficiently specific user intent, increasing unintended data exposure and confused-deputy risk.

Missing User Warnings

Medium
Confidence: 97%
Finding:
The workflow instructs the agent to upload files and send the user's exact request to Pexo, but it does not require any warning or consent flow informing the user that their prompt content and uploaded media will be transmitted to a third-party service. This creates a privacy and data-governance risk, especially if users provide sensitive images, branding assets, or confidential campaign information.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The setup guide instructs users to place a live API key in a plaintext config file and shell environment without warning that the secret must be protected, excluded from version control, and handled carefully in shell history or logs. This increases the chance of credential leakage through dotfile sync, backups, screenshots, command history, or accidental commits, which could allow unauthorized use of the Pexo account and API.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.