Back to skill

Security audit

Directoryahu

Security checks across malware telemetry and agentic risk

Overview

This is a coherent video-production skill with expected media/API/file access, but users should not rely on its stated face-detection safety gate until it is implemented.

Install only if you intend to generate Islamic short-form videos and are comfortable granting scoped access to web research, media-generation APIs, TTS providers, FFmpeg, and local output folders. Configure API keys with limits, review religious content before publishing, narrow activation for ambiguous requests, and implement real face detection before relying on the faceless-content guarantee.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The code and comments describe face detection as a hard safety gate, but _validate_no_faces() is a no-op that always passes. This creates a security/integrity gap where operators may rely on a control that does not exist, allowing prohibited or policy-violating visual content to be generated and published without review.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger guidance is broad enough to activate on generic short-form content creation requests, not just clearly scoped Islamic story workflows. Over-broad auto-activation can cause the wrong pipeline to run, leading to unintended tool use, external API calls, file creation, and logging without the user specifically requesting this skill.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill states that it will save generated outputs and log to a content calendar, but the description does not warn users about these persistent side effects. In a content-production pipeline, silent output creation and logging can expose sensitive prompts, user topics, or generated media and may violate user expectations or workspace policies.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The skill hard-codes a specific religious/cultural visual depiction for the narrator (male, white thobe, red-checkered keffiyeh) as a default branding requirement rather than deriving it from explicit user preference or documented content constraints. In a religious-content generation pipeline, this can misrepresent users' beliefs, reinforce stereotypes, and generate culturally sensitive outputs without consent, making the issue more concerning in context rather than less.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The agent explicitly routes narration text to external TTS providers, but provides no disclosure, consent step, or data-handling constraints for the script content being sent off-platform. Because the skill is designed for end-to-end content generation and may process unpublished, proprietary, or sensitive religious/community material, this creates a real data exposure and privacy risk rather than a purely theoretical issue.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.