Tt Download

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a real Oceanengine video downloader, but it uses a local headless browser and network/file access without strong runtime scoping.

Review before installing. Use this only for trusted Oceanengine material-center links, prefer explicit user confirmation before downloads, and consider isolating the browser profile or removing --no-sandbox before using it on sensitive machines.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 87% confidence
Finding: The skill documentation advertises capabilities that involve environment access, file reads, network access, and shell execution, yet it declares no corresponding permissions or trust boundaries. This creates a transparency and authorization gap: an agent or user may invoke a skill with broader effective access than expected, increasing the risk of unintended file access, command execution, or network exfiltration.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The keyword trigger list is broad enough to activate on generic phrases like “素材中心视频” or “oceanengine 下载” without requiring the specific trusted URL pattern. That can cause the skill to be invoked in unrelated contexts, increasing the chance of over-broad browser/network actions or accidental handling of user input that was not intended for this downloader skill.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal