Security audit

Media Cli Local

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local media-stack control helper, but agent-run destructive actions should be gated by user confirmation.

Before installing, review the external bash script or pin it to a trusted commit. Protect the generated config file and require explicit confirmation before allowing an agent to add media, pause all downloads, remove torrents, refresh libraries, or delete files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (89% confidence)
Finding
The skill explicitly targets AI-agent shell execution and provides broad natural-language-to-command mappings such as adding shows or pausing all downloads. Without scope limits, confirmation requirements, or authorization boundaries, an agent could translate ambiguous user intent into state-changing or disruptive actions, increasing the risk of unsafe automation.

Missing User Warnings

Medium (91% confidence)
Finding
The documentation includes destructive operations such as removing downloads and optionally deleting files, but it does not emphasize confirmation, backup implications, or safe usage patterns. In an AI-agent context, this omission is more dangerous because an agent may invoke these commands automatically from high-level prompts, causing unintended data loss.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.