Ntriq Video Intelligence Mcp

Security checks across malware telemetry and agentic risk

Overview

This is a simple paid connector to an external video-analysis service, with privacy and payment cautions but no hidden executable behavior found.

Install only if you are comfortable sending the referenced video to ntriq's external service and paying per call. Avoid confidential, regulated, internal-only, or surveillance footage unless you have authorization and understand the provider's retention and logging practices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill asks users to provide a `video_url` and advertises analysis via an external endpoint, but it does not clearly disclose that the referenced video and its contents will be transmitted to a third-party service for processing. This creates a privacy and data-handling risk because users may submit sensitive surveillance, moderation, or internal meeting footage without understanding that external transfer occurs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal