Video Generative

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-generation skill whose network calls, uploads, token use, and session handling match its stated purpose, but users should know their prompts and selected media go to NemoVideo.

Install this only if you are comfortable sending your prompts and chosen media files to NemoVideo for cloud processing. Avoid confidential or regulated content unless you trust that provider, and protect any NEMO_TOKEN because it may control credits and access to provider sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 93%
Finding
The routing rule sends essentially any unmatched request into the generate/edit SSE pipeline, which can cause ordinary conversation or unintended inputs to be forwarded to the remote backend. In this skill, that means user text and possibly contextual content may be transmitted off-platform without a clear invocation boundary, increasing privacy and unintended-action risk.

Vague Triggers

Medium
Confidence: 89%
Finding
The suggested phrases are broad enough to overlap with normal conversation, making accidental activation more likely. Because this skill uploads prompts/files and creates remote sessions, ambiguous invocation guidance increases the chance that users unknowingly trigger external processing.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to send prompts, files, and session state to `mega-api-prod.nemovideo.ai`, but the user-facing description does not clearly disclose this remote data transfer. That lack of transparency can cause users to share sensitive text or media without informed consent, especially given support for uploads up to 200MB.

Missing User Warnings

Low
Confidence: 91%
Finding
The skill automatically obtains an anonymous token on the user's behalf if `NEMO_TOKEN` is not present, but this behavior is not disclosed up front. Silent credential acquisition reduces user awareness of backend account creation/usage and may surprise users about credits, service terms, or identity/session linkage.

VirusTotal

66/66 vendors flagged this skill as clean.
