Free Video Producer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud video-editing skill, but it can automatically contact a third-party backend and send user media or prompts there with weak user-facing disclosure and broad routing.

Install only if you are comfortable sending selected media, prompts, and related metadata to Nemovideo's cloud backend. Avoid confidential footage unless you trust that provider, and use explicit video-editing requests; review the provider's privacy and retention terms separately.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (6)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The manifest markets the skill as handling only common video formats up to 500MB, but the implementation documentation expands accepted inputs to images, audio, and MKV. This mismatch can mislead users and host platforms about the actual data-ingestion surface, weakening review, consent, and policy enforcement around what content may be uploaded to the remote backend.

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: The upload flow allows the service to fetch media from arbitrary URLs, which materially broadens the skill from chat-uploaded user footage to remote network retrieval. That creates a hidden exfiltration and ingestion path: a user may cause backend requests to third-party or sensitive URLs, and the skill description does not justify or warn about this capability.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The suggested invocation phrases are broad and natural, making accidental activation more likely for routine requests about creating or exporting video. In a skill that uploads media and connects to an external backend, overbroad triggering increases the chance of users invoking remote processing without realizing which tool is being used.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The routing table includes a catch-all rule that sends nearly all remaining requests into the SSE editing path. Because this skill performs remote API calls and may process user media in the cloud, ambiguous trigger scope can cause unintended backend interactions for loosely related editing or media prompts.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill invites users to drop footage into chat and says processing occurs on cloud GPUs, but it does not plainly warn that files are transmitted to an external backend service. For media files, this is a meaningful privacy and consent issue because users may share sensitive or proprietary content without understanding where it is sent.

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The connection flow silently acquires tokens and communicates with a remote API, but the user-facing experience is described as a simple status message and hides technical details. That omission deprives users of informed consent about outbound authentication and service interaction, especially when anonymous token acquisition occurs automatically.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal