Subtitle Translator

Security checks across malware telemetry and agentic risk

Overview

This skill translates user-selected subtitle files through a user-provided LLM API, with the main privacy and credential risks disclosed in its documentation.

Install only if you are comfortable sending subtitle text to the configured API provider. Use trusted HTTPS endpoints and trusted network/proxy settings, avoid command-line or plaintext-file API keys on shared systems, and do not process confidential subtitles unless you control or trust the API service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Rogue AgentSelf-Modification, Session Persistence
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 97% confidence
Finding: The skill documentation describes capabilities to read subtitle files, write translated output, access environment variables for API credentials, and make outbound network requests, but no declared permissions are present. This creates a real security governance gap because users and platforms cannot accurately assess or constrain what the skill can access before use.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The script sends subtitle text to a user-supplied external LLM endpoint for translation, but it provides no explicit warning, confirmation, or privacy notice that subtitle contents may leave the local environment. Subtitle files often contain sensitive or copyrighted material, so users may unintentionally disclose private data to third-party services.

External Transmission

Medium

Category: Data Exfiltration
Content: --output video_zh.srt \ --source-lang en \ --target-lang zh \ --api-url https://api.openai.com/v1 \ --api-key sk-... \ --model gpt-4 ```
Confidence: 93% confidence
Finding: https://api.openai.com/

External Transmission

Medium

Category: Data Exfiltration
Content: --source-lang en \ --target-lang zh \ --bilingual \ --api-url https://api.openai.com/v1 \ --api-key sk-... ```
Confidence: 93% confidence
Finding: https://api.openai.com/

External Transmission

Medium

Category: Data Exfiltration
Content: ```bash python3 scripts/list_models.py \ --api-url https://api.openai.com/v1 \ --api-key sk-... ```
Confidence: 86% confidence
Finding: https://api.openai.com/

External Transmission

Medium

Category: Data Exfiltration
Content: ### Option 1: Environment Variables (Recommended) ```bash export SUBTITLE_API_URL="https://api.openai.com/v1" export SUBTITLE_API_KEY="sk-your-api-key" export SUBTITLE_MODEL="gpt-4"
Confidence: 90% confidence
Finding: https://api.openai.com/

External Transmission

Medium

Category: Data Exfiltration
Content: python3 scripts/translate_srt.py \ -i input.srt \ -o output.srt \ -u https://api.openai.com/v1 \ -k sk-your-api-key \ -m gpt-4 ```
Confidence: 95% confidence
Finding: https://api.openai.com/

External Transmission

Medium

Category: Data Exfiltration
Content: ```json { "api_url": "https://api.openai.com/v1", "api_key": "sk-your-api-key", "model": "gpt-4", "batch_size": 50,
Confidence: 94% confidence
Finding: https://api.openai.com/

Session Persistence

Medium

Category: Rogue Agent
Content: ### Option 3: Config File (Less Secure) Create `~/.openclaw/skills/subtitle-translator/config.json`: ```json {
Confidence: 92% confidence
Finding: Create `~/.openclaw

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal