Ai Subtitles Generator Free

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud subtitle/video-rendering helper, but users should know their media and prompts go to NemoVideo for processing.

Install only if you are comfortable sending selected videos, prompts, and render metadata to NemoVideo's cloud service. Avoid confidential, regulated, or copyrighted media unless you trust that provider's data handling, and keep NEMO_TOKEN private.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (5)

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The skill is presented as a subtitle generator, but the documentation exposes a much broader cloud video editing and rendering pipeline, including generic editing, uploads, session state, and export flows. This scope mismatch can cause users and invoking systems to route unrelated requests and sensitive media to a third-party backend under narrower expectations, increasing privacy and misuse risk.

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The routing and examples include unrelated media-editing actions such as adding BGM, audio track manipulation, aspect ratio changes, and generic editing despite the skill's stated subtitle-generation purpose. This unnecessary capability expansion broadens the attack surface and increases the chance that ordinary media-editing requests are silently handled by this skill and sent to the remote service.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The invocation guidance uses broad phrases like 'describe what you're after' and examples that are not tightly bound to a unique subtitle-specific intent. Overly generic triggers can cause accidental activation on ordinary user requests, leading to unintended file handling, backend calls, and disclosure of prompts or media.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The routing table contains an 'Everything else' fallback to the SSE edit path, which effectively makes the activation condition open-ended. In practice, this allows almost any request to be processed by the remote backend, increasing the risk of unintended activation, overcollection of user data, and use beyond the declared skill scope.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill workflow clearly uploads user video files and prompt content to a cloud backend, but the description does not prominently warn users about this external transmission. Because videos may contain sensitive personal, corporate, or copyrighted content, lack of upfront disclosure creates a meaningful privacy and compliance risk.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal