Animated Video Maker Ai

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-generation skill that sends prompts and uploaded media to a NemoVideo backend, which fits its stated purpose but requires privacy caution.

Install only if you are comfortable sending prompts, uploaded files, and generated project state to NemoVideo servers. Avoid sensitive, confidential, or regulated media unless you have reviewed the provider's privacy, retention, and credit/subscription terms.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Context-Inappropriate Capability

Medium

Confidence: 97% confidence
Finding: The skill directs the agent to automatically obtain an anonymous backend token when no user-provided credential exists. This causes the agent to authenticate to a third-party service and potentially spend credits or create backend-side state without explicit user consent, which is a real security and trust-boundary issue even if intended for convenience.

Context-Inappropriate Capability

Low

Confidence: 91% confidence
Finding: The skill derives `X-Skill-Platform` from local install paths and transmits it to the remote service, leaking environment metadata unrelated to the user's task. While low severity, it exposes local installation context and can aid fingerprinting of the host environment or user setup.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The invocation language is broad enough that ordinary user requests about text, images, or video creation may trigger this skill unexpectedly. That increases the chance of unintentional routing to a remote backend, causing surprise data disclosure or unintended actions without clear user intent.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The catch-all rule routes 'everything else' to the SSE chat action, which is overly permissive and can capture ambiguous prompts that were not meant for this third-party service. In context, that broad routing increases the risk that user content is sent off-platform without a sufficiently specific request.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: Although the file mentions server-side rendering, it does not provide a clear, prominent warning at the point of use that uploaded text, images, audio, or video are transmitted to a remote backend for processing. This is a real privacy and consent issue because users may share sensitive media believing processing is local or agent-internal.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: Hard-coding the session language to English without user choice can cause unintended transmission, transformation, or mishandling of non-English content. This is primarily a correctness and user-consent issue rather than a severe exploit path, but it can still affect privacy expectations and output integrity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal