Seedance Cog

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only CellCog/Seedance video-generation helper, with privacy and synthetic-media cautions but no evidence of hidden or harmful behavior.

Install only if you intend to use CellCog/Seedance and trust that provider with the prompts, uploaded assets, and generated media for your task. Avoid submitting secrets, regulated data, or confidential material unless approved, and use synthetic voice, lipsync, and spokesperson outputs only with proper consent and disclosure.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs users to send arbitrary prompts to CellCog for video generation, but it does not clearly disclose that prompts and related content are transmitted to an external third-party service. This can lead users to unknowingly send sensitive business data, personal information, or proprietary creative material off-platform, creating privacy, confidentiality, and compliance risks.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill advertises voice synthesis, lipsync, scoring, and full-production automation without warning users that it can generate realistic synthetic media. Absent disclosure, users may underestimate impersonation, consent, reputational, and misuse risks associated with creating spokesperson-style or voice-cloned content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal