Back to skill

Security audit

Media Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward local media-analysis helper, with the main caution that generated images can overwrite existing files if the user chooses the same output path.

Install only if you are comfortable running a local shell script over media files you select. Use trusted ffmpeg/ffprobe binaries and provide explicit, non-conflicting output filenames for frames, covers, and waveforms to avoid overwriting existing files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrase "内容分析" is broad enough to match many general requests unrelated to media files, which can cause unintended skill activation. In an agent system, over-broad routing can expose local file-processing capabilities or external-media handling in contexts where the user did not intend to invoke this skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
Several listed triggers, including generic requests like video/audio analysis or media info, lack clear scoping rules tying activation to actual audio/video workflows. This increases the chance of accidental invocation, misrouting, or processing of unintended inputs, especially in systems that auto-select skills from natural-language prompts.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The frame extraction command uses ffmpeg with the -y flag, which overwrites an existing output file without prompting the user. In an agent or automation context, a caller-controlled output path could cause unintended destruction of existing files, especially if the script runs with elevated privileges or in sensitive directories.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The cover extraction path also invokes ffmpeg with -y, allowing silent overwrite of any existing file named by the output argument. Because the script accepts arbitrary output paths, this can lead to accidental or automated clobbering of user files and is more dangerous in unattended execution environments.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
Waveform generation likewise uses ffmpeg -y and will silently replace an existing file at the supplied output path. This creates an integrity risk rather than code execution, but it is still a real vulnerability when exposed through agent workflows that may pass user-influenced filenames.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.