Sora2 Video

Security checks across malware telemetry and agentic risk

Overview

This appears to be a purpose-aligned Sora video-generation skill. The single finding below is a validation-quality caveat, not evidence of hidden or malicious behavior.

Before installing, confirm you are comfortable with the agent sending prompts and generation parameters to the configured video API or proxy. Review requests that cost money or consume quota before they run, give the skill least-privilege credentials (a key scoped to video generation rather than a broad account key), and keep sensitive or private content out of prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 82%
Finding
The documented skill scope is narrowly framed as Sora2 text-to-video submission and polling, but the described behavior lets arbitrary JSON pass through to proxy-backed generation endpoints without validating the model, the required prompt fields, or the operation type. In an agent setting, that mismatch lets downstream callers reuse the skill's trusted credentials and proxy routes for API actions the skill was never meant to perform, bypassing the safety controls its narrow scope implies and raising the likelihood of unauthorized or out-of-policy requests.
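The fix the finding points at is to stop forwarding the caller's JSON and instead rebuild each request from an allowlist of the operations, fields and models the skill actually documents. The block below is an added illustration of that pattern, not the Sora2 skill's own code; the model name, proxy paths, field names and limits are assumptions chosen for the example. It also carries a consumes_quota flag so the agent can surface paid requests for review, as recommended in the overview, and it keeps the unchecked passthrough beside the validated version so the difference is visible.

```python
import re
from typing import Any, Dict, NamedTuple, Optional

# Added illustration, not the Sora2 skill's own code. The model name, proxy
# routes, field names and limits below are assumptions chosen for the example.
ALLOWED_MODELS = {"sora-2"}
OPERATIONS = {
    # operation: (HTTP method, proxy path, consumes paid quota?)
    "create": ("POST", "/v1/videos", True),
    "status": ("GET", "/v1/videos/{id}", False),
}
CREATE_FIELDS = {"model", "prompt", "seconds", "size"}
ALLOWED_SIZES = {"1280x720", "720x1280"}
MAX_PROMPT_CHARS = 2000
VIDEO_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


class RequestRejected(ValueError):
    """Raised when a caller's input falls outside the documented skill scope."""


class ProxyRequest(NamedTuple):
    method: str
    path: str
    body: Optional[Dict[str, Any]]
    consumes_quota: bool  # True: show the user before sending


def passthrough_unchecked(operation: str, payload: Dict[str, Any]) -> ProxyRequest:
    """The pattern the finding describes: the caller's operation name and JSON
    are forwarded with the skill's credentials, so any route and any body the
    proxy accepts can be reached through this skill."""
    return ProxyRequest("POST", f"/v1/{operation}", payload, True)


def validate_create(payload: Any) -> Dict[str, Any]:
    """Reduce an untrusted create payload to exactly the fields the skill documents."""
    if not isinstance(payload, dict):
        raise RequestRejected("payload must be a JSON object")
    unknown = set(payload) - CREATE_FIELDS
    if unknown:
        raise RequestRejected(f"unexpected fields: {sorted(unknown)}")
    model = payload.get("model", "sora-2")
    if model not in ALLOWED_MODELS:
        raise RequestRejected(f"model not permitted: {model!r}")
    prompt = payload.get("prompt")
    if not isinstance(prompt, str) or not prompt.strip():
        raise RequestRejected("prompt is required and must be a non-empty string")
    if len(prompt) > MAX_PROMPT_CHARS:
        raise RequestRejected("prompt exceeds length limit")
    seconds = payload.get("seconds", 5)
    # bool is a subclass of int, so reject it explicitly
    if isinstance(seconds, bool) or not isinstance(seconds, int) or not 1 <= seconds <= 20:
        raise RequestRejected("seconds must be an integer from 1 to 20")
    size = payload.get("size", "1280x720")
    if size not in ALLOWED_SIZES:
        raise RequestRejected(f"size not permitted: {size!r}")
    return {"model": model, "prompt": prompt.strip(), "seconds": seconds, "size": size}


def build_request(operation: str, payload: Any = None,
                  video_id: Optional[str] = None) -> ProxyRequest:
    """Map a caller's intent onto one of the documented operations, or refuse."""
    if operation not in OPERATIONS:
        raise RequestRejected(f"operation not permitted: {operation!r}")
    method, path, costly = OPERATIONS[operation]
    if operation == "create":
        return ProxyRequest(method, path, validate_create(payload), costly)
    if not isinstance(video_id, str) or not VIDEO_ID_RE.fullmatch(video_id):
        raise RequestRejected("malformed video id")
    return ProxyRequest(method, path.format(id=video_id), None, costly)


def rejects(operation: str, payload: Any = None, video_id: Optional[str] = None) -> bool:
    """True if build_request refuses this input (used for self-checks below)."""
    try:
        build_request(operation, payload, video_id)
    except RequestRejected:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs: a legitimate job, then callers trying to reach
    # an unrelated route and an unrelated model through the skill's credentials.
    print(build_request("create", {"prompt": "a lighthouse at dusk", "seconds": 8}))
    print("files route rejected:", rejects("files", {"purpose": "fine-tune"}))
    print("foreign model rejected:", rejects("create", {"prompt": "x", "model": "gpt-4o"}))
    print("unchecked would send:", passthrough_unchecked("files", {"purpose": "fine-tune"}))
```

The two points worth keeping from this shape: unknown keys are rejected rather than silently dropped, so a caller cannot smuggle extra parameters past the allowlist, and the path is chosen from a fixed table rather than built from caller input, which is what closes the route-reuse problem the finding describes.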

VirusTotal

59/59 vendors flagged this skill as clean.
