Smart Audio Separation Tool

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local audio-splitting tool, but its unauthenticated localhost web API can expose, trim, download, and delete processed media while the service is running.

Install only if you are comfortable running a local unauthenticated media-processing web service. Keep it bound to localhost, stop it when not in use, avoid browsing untrusted sites while it is running, verify any process before killing port 8765, and manually manage or delete sensitive uploads, outputs, trims, and history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 76%
Finding
The code invokes a server-side modification endpoint (`POST /api/trim`) using user-controlled `task_id`, `track_name`, `start_time`, and `end_time`, despite the skill being described only as a separator. This hidden capability increases attack surface and may enable unauthorized or unreviewed server-side file processing if backend authorization, input validation, or ownership checks are weak.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
---

### 6. Clean up task files — DELETE /api/cleanup/{task_id}

**Response**: `{ "message": "已清理 N 个文件" }`
Confidence: 71%
Finding
DELETE /api/cleanup/{task_id}

VirusTotal

67/67 vendors flagged this skill as clean.
