Video Filter Effects

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed cloud video-editing skill, but users should know their selected media and prompts go to NemoVideo for processing.

Install only if you are comfortable sending chosen videos, images, audio, URLs, prompts, session metadata, and rendered outputs to NemoVideo's cloud service. Avoid confidential media unless you trust that provider, keep NEMO_TOKEN private, and ask the agent to confirm before uploads, URL ingestion, or exports that may consume credits or create hosted output files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The manifest and top-level description frame the skill as a narrow video-filter tool, but the body documents a much broader multimedia editing capability including timeline editing, text overlays, audio handling, state inspection, and export orchestration. This mismatch can mislead users and reviewers about the real scope of data handling and actions the skill can perform, reducing informed consent and weakening security review.

Description-Behavior Mismatch

Low
Confidence: 83%
Finding
The skill is presented as accepting uploaded user video clips, but the documented upload endpoint also permits URL-based ingestion. That expands the trust boundary and can lead to unexpected remote content fetching, with users and reviewers unaware that third-party URLs may be retrieved by the backend.

Vague Triggers

Medium
Confidence: 80%
Finding
Trigger phrases such as "add my video clips" and especially the incomplete, conversational phrase "apply a cinematic color grade and" are broad enough to overlap with ordinary chat, increasing the chance of accidental invocation. Unintended activation is more concerning here because the skill performs cloud-backed media operations and session setup involving authentication and uploads.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs automatic connection to a cloud backend, token acquisition, session creation, and later media upload/processing, but it does not clearly warn users up front that their media and prompts are sent to a third-party cloud service. This undermines informed consent and can expose sensitive user content or metadata unexpectedly.

VirusTotal

61/61 vendors flagged this skill as clean.
