Back to skill

Security audit

VMEG Audio/Video Translation, Subtitle Translation, and Dubbing

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed VMEG media-translation integration, with expected network uploads and account access that users should handle carefully.

Install only if you intend to use VMEG's remote service. Prefer OAuth when available, protect any vmeg_sk API key, keep MCP config files out of shared repositories, and confirm the exact local media file before allowing an agent to upload it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation description is broad enough to trigger on generic 'material and task management' or 'script editing' requests that are not clearly about VMEG media workflows. In an agent environment, this can cause unnecessary skill activation, pulling in network-capable tooling and external-service instructions for routine tasks, increasing the chance of unintended data exposure or user redirection to a third-party service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to upload local media files using presigned URLs or API-key-backed curl commands, but it does not require an explicit user confirmation or warning that local files will be transmitted to a remote third-party service. This is dangerous because local file exfiltration can occur during normal task execution, especially when the skill already encourages use of absolute paths and networked MCP tooling.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation instructs users to place a long-lived API key directly into `.mcp.json`, but does not warn that this file may be committed to source control, shared in project directories, or exposed through logs and support bundles. In the context of an MCP configuration for a remote service, compromise of the bearer token could allow unauthorized access to the user's VMEG account and associated materials or actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.