Ai Video Generation Online

Security checks across malware telemetry and agentic risk

Overview

This skill sends prompts and media to a Nemo Video cloud service for video generation, which matches its stated purpose and is mostly disclosed.

Install only if you are comfortable sending prompts, URLs, images, videos, audio, and related job metadata to Nemo Video's cloud service. Do not upload confidential, regulated, or proprietary media unless you trust that provider's privacy, retention, and account-credit practices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly instructs users to send text and images to a remote backend but does not clearly warn that user content will leave the local environment and be processed by a third-party service. This can lead users to disclose sensitive business, personal, or copyrighted material without informed consent, increasing privacy and compliance risk.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal