Back to skill

Security audit

Video Transcribe

Security checks across malware telemetry and agentic risk

Overview

The transcription script is local and mostly coherent, but the skill also includes an under-scoped remote AI editing workflow that can upload user media to a third-party API.

Use this skill only for local transcription unless you intentionally want cloud AI editing. Do not upload private media through the AI Edit workflow unless you trust the Sparki endpoint and understand the file and prompt leave your machine; avoid running the documented SPARKI_API_KEY check because it can print the key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill is presented as a local, no-API-key transcription tool, but it embeds a separate end-to-end remote AI editing workflow that uploads user media to an external service. This creates a significant trust-boundary violation: users or orchestrators may invoke a skill expecting local-only processing while their video content is instead transmitted off-device.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The documented workflow performs network upload, asset polling, and remote project creation against an external API, which is outside the justified scope of a video-to-text skill. This can expose sensitive media, metadata, and user prompts to a remote service under misleading packaging, increasing privacy and data exfiltration risk.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The file tells the reader to escalate AI-powered editing to a built-in AI Edit tool, but later includes a complete AI Edit implementation inline. That inconsistency can mislead reviewers and agents about the actual capabilities and data flows of the skill, making unsafe remote behavior easier to smuggle into an otherwise local tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.