Vidu Ai

Security checks across malware telemetry and agentic risk

Overview

This is a cloud video-generation skill whose remote authentication, uploads, rendering, and export behavior match its stated purpose, with consent and privacy caveats users should understand.

Install this only if you are comfortable sending video prompts, uploaded images/videos/audio, and generated project state to Nemo/Vidu remote servers. Avoid sensitive media, watch credit usage, and be aware that opening the skill may create an anonymous backend token/session before your first generation request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Context-Inappropriate Capability

Low

Confidence: 85% confidence
Finding: The skill instructs runtime detection of the install path to derive platform attribution, which requires inspecting local environment details unrelated to the core task of generating videos. Even though the data collected is limited, unnecessary local metadata access increases privacy exposure and normalizes overscoped behavior in a media-generation skill.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The phrase "generate my text or images" is broad enough to match ordinary conversation or generic upload requests, which can cause the skill to activate unexpectedly. In this skill, accidental activation is more concerning because activation can trigger automatic network authentication and session creation with a remote service.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The example trigger phrase is too vague to safely constrain invocation and may be interpreted as a normal creative request rather than a deliberate request to use this specific skill. Because this skill can immediately connect to a remote backend and obtain an anonymous token, weak trigger specificity materially raises the risk of unintended external calls.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill directs automatic backend connection and anonymous token acquisition on first open, with only a minimal "Setting up..." notice. This is risky because it initiates outbound authentication activity and creates a remote session before the user has clearly consented, and it may transmit identifiers such as a generated client UUID without meaningful disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal