A2e Ai Image To Video

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud image-to-video skill, but it sends prompts, selected media, and session identifiers to NemoVideo for processing.

Install only if you are comfortable sending selected images, file URLs, prompts, and project state to NemoVideo's cloud backend. Avoid confidential, regulated, or highly personal media unless you trust that provider and its data handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The skill is presented as a narrow image-to-video tool, but the implementation exposes broader multimedia editing behaviors including audio/text manipulation, timeline control, and support for many unrelated media formats. This scope mismatch can mislead users and host systems about what the skill is allowed to do, weakening consent and policy-based review boundaries.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger examples are broad and generic, increasing the chance that unrelated user requests will invoke this skill unintentionally. Over-broad invocation can cause unexpected file uploads, backend connections, or remote processing without clear user intent, especially when paired with automatic setup behavior.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: Routing 'Everything else' to the main SSE action creates a catch-all path that can forward arbitrary user text to the remote backend. In practice, this broadens the skill from a constrained media tool into a general proxy for external processing, increasing the risk of unintended data transmission and policy bypass.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs automatic backend connection, anonymous token acquisition, and session creation without clearly notifying users that data and identifiers will be transmitted to a third-party service. This undermines informed consent and can expose prompts, files, and generated client identifiers to external infrastructure before the user meaningfully approves network activity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal