Influencer Report

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but its profile mode can pull unrelated videos from a Memories.ai library into a creator-specific vetting report.

Install only if you are comfortable giving the skill Memories.ai API keys and sending creator/video URLs to Memories.ai. Prefer direct video URLs over profile mode, or review/fix the profile workflow so it only analyzes videos proven to belong to the requested creator.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (6)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 95% confidence
Finding: The skill documentation describes use of environment variables, external network access, and report generation/file output, but it does not declare any permissions. This creates a transparency and consent problem: users or hosting systems may not realize the skill can access secrets and transmit data externally, which increases the risk of unintended secret exposure or unauthorized outbound data handling.

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: In profile-based mode, the script scrapes a requested profile but then analyzes videos pulled from the entire V1 library and a generic search query rather than verifying that each video belongs to the requested creator. This can produce a misleading vetting report about the wrong person and may expose or process unrelated content in the workspace, which is especially risky in a brand-safety workflow where attribution accuracy is critical.

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The skill includes functions to enumerate the full video library and run arbitrary searches, even though the stated task is to vet a single influencer. Those capabilities expand data access beyond task necessity and can be misused to inspect unrelated content, violating least-privilege and increasing privacy exposure.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The setup section tells users to provide API keys and the workflow sends profile URLs, video URLs, transcripts, and metadata to Memories.ai services, but the skill does not clearly disclose this data transfer. This is dangerous because users may submit creator data assuming local analysis, creating privacy, compliance, and third-party sharing risks, especially when analyzing potentially sensitive account content.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The script sends creator profile URLs and video URLs to third-party Memories.ai endpoints without any explicit user notice, confirmation, or consent flow. In a vetting context, these URLs may reveal whom the user is investigating and cause external processing of potentially sensitive or proprietary targets.

Missing User Warnings

Low

Confidence: 80% confidence
Finding: Writing the generated report directly to a user-specified path can overwrite existing local files without warning. While this is not code execution, it can cause loss of data or accidental modification of important files if the path is incorrect or attacker-influenced.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal