Back to skill

Security audit

Video Subtitles

Security checks across malware telemetry and agentic risk

Overview

This skill does the expected subtitle and video-processing work, with some normal local execution and file-writing risks to understand before use.

Install only if you are comfortable running local video-processing commands on media files you choose, allowing output files to be created next to the input or at a specified path, and allowing transcription models to be downloaded or cached. Avoid running it with elevated privileges or on shared machines where /tmp file races matter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill documentation instructs users to run local scripts that write subtitle/output files and invoke external tooling such as ffmpeg, but it does not declare corresponding permissions. Even if these behaviors are expected for a video-processing skill, the missing permission metadata reduces transparency and weakens policy enforcement, making it easier for a user or orchestrator to approve execution without understanding filesystem and shell side effects.

Unvalidated Output Injection

High
Category
Output Handling
Content
output_path
            ]
        
        result = subprocess.run(cmd, capture_output=True, text=True)
        if result.returncode != 0:
            print(f"ffmpeg error: {result.stderr}", file=sys.stderr)
            raise RuntimeError("ffmpeg failed")
Confidence
79% confidence
Finding
subprocess.run(cmd, capture_output

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.