Back to skill

Security audit

Reel to Skill

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it downloads a user-provided short video, extracts audio, and may use OpenAI transcription if an API key is present.

Install only if you are comfortable downloading the videos you provide and storing video/audio/transcript files locally. Unset OPENAI_API_KEY if you want local-only behavior, and review any generated skill before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs use of a script that downloads remote content, invokes shell-accessible tooling, reads environment variables, and writes files, yet the skill declares no permissions. This creates a transparency and policy-enforcement gap: users and the platform may not realize the skill can access network, filesystem, shell tools, and sensitive env values such as API keys.

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill description says it will turn a social video into an OpenClaw skill, but the documented behavior includes sending audio to an external transcription service and does not actually implement the promised analysis or skill generation. This mismatch can mislead users about data flows and capabilities, especially when third-party API transmission may expose downloaded audio or derived content outside the local environment.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script uploads extracted audio from user-supplied videos to an external transcription API whenever OPENAI_API_KEY is set, but the code provides no explicit disclosure, prompt, or consent gate at runtime. Because social videos may contain personal, confidential, or copyrighted audio, silent transmission increases privacy and compliance risk in this skill context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.