Media Cli

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed media-server control skill, with real mutation and deletion capabilities that users should gate carefully.

Install only if you are comfortable giving an agent shell-level control over your media stack. Review the external script before running it, protect the stored API keys and SSH access, and require confirmation before add, pause, remove, refresh, or delete-file actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill explicitly markets natural-language-to-shell mappings such as "Add Succession" and "Pause all downloads" without requiring confirmation, authorization boundaries, or narrower command scoping. In an agentic environment, broad NL triggers can cause unintended state-changing actions if user intent is misparsed, prompt-injected, or inferred from ambiguous context.

Missing User Warnings

Medium
Confidence: 95%
Finding
The documented commands include destructive operations such as removing media entries and removing downloads with optional file deletion, but the skill text does not prominently warn that these are irreversible or potentially delete local data. In agent use, this increases the chance of accidental destructive execution from ambiguous prompts or automation mistakes.

VirusTotal

66/66 vendors flagged this skill as clean.
