AI Video Script Generator (Yijia Test)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed video-script and AI-video prompt helper with only minor usability and packaging notes.

Safe to install for script and prompt generation. Before running the optional Yijia commands, review the referenced local scripts, replace the hard-coded paths and target values, and confirm which account, API key, quota, or costs may be used.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The trigger phrases are very broad (e.g., 视频脚本, 分镜, AI视频, 短视频文案, 视频策划), so the skill may activate for many ordinary video-related requests that are not specifically asking for this workflow. Over-broad invocation can cause unintended routing, shadow other more appropriate skills, and make agent behavior less predictable or controllable.

Natural-Language Policy Violations

Medium

Confidence: 74% confidence
Finding: The description is written as a Chinese-only behavior without indicating language fallback or user choice. In multi-language agent environments, this can produce unwanted language switching, reduce usability, and cause incorrect or misleading outputs when the user expects another language.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal