Back to skill

Security audit

CreatOK Analyze Video

Security checks across malware telemetry and agentic risk

Overview

This TikTok analysis skill mostly does what it says, but it includes broader remote task APIs and persistent artifact writing that users should review before installing.

Install only if you are comfortable sending TikTok URLs to CreatOK and keeping returned transcripts, visual analysis, metadata, and results in local .artifacts folders. Use a dedicated CreatOK API key, delete artifacts after sensitive analyses, and be cautious with follow-up generation workflows or any use of the broader task APIs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The client exposes generic task submission and polling methods that are broader than the manifest's stated purpose of TikTok video analysis and script breakdown. This creates a capability mismatch: downstream skill code could invoke arbitrary remote task execution features under the same bearer credential, expanding the attack surface and enabling unintended data processing or abuse beyond the user's expected scope.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill states that it requires network access to the CreatOK Open Skills API, but it does not clearly warn users that submitted TikTok URLs and derived transcript/vision data will be transmitted to an external service and stored as artifacts. That creates a privacy and data-handling risk, especially if users analyze non-public, sensitive, or regulated content without understanding the off-system transfer.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The handoff rule encourages inferring intent from broad natural-language phrases like 'go ahead and generate' or 'turn this into a video', which can trigger a different skill without an explicit user confirmation. In a multi-skill agent, this increases the chance of unintended capability invocation, context leakage across skills, or performing actions the user did not clearly authorize.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.