B站视频信息服务

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears intended for Bilibili video lookup, but its artifacts mix in unrelated service references and persist API keys in plaintext without clear user control.

Review this skill before installing. Only use it if you are comfortable sending Bilibili URLs and related metadata to the configured external service, and avoid entering long-lived or high-privilege API keys until the publisher fixes the unrelated domain/tool references and clearly documents or removes plaintext .env credential storage.

SkillSpector (6)

By NVIDIA

Intent-Code Divergence

Medium

Confidence: 83% confidence
Finding: The workflow example instructs the model to call an unrelated function `search_schools(...)`, which is inconsistent with the stated Bilibili-video purpose. Mismatched tool guidance can cause incorrect tool invocation, unintended data access, or unsafe routing behavior if the surrounding codebase contains other tools the model may try to use.

Intent-Code Divergence

Medium

Confidence: 98% confidence
Finding: The configuration clearly references a different product/domain ("小笨羊高考", XBY_GAOKAO, xiaobenyang.com) than the declared Bilibili video info service. This mismatch is dangerous because it suggests code reuse from another skill and increases the likelihood that secrets, endpoints, or behaviors are being routed to an unintended external service, undermining trust and reviewability.

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: This skill is described as a Bilibili information retrieval service, yet it implements persistent API credential storage and mutation in a local .env file. That expands the skill's privilege and persistence surface beyond what users would reasonably expect, creating risk of silent secret retention, accidental disclosure, or reuse by unrelated processes.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill requires users to provide a Bilibili video URL and relies on an external API service, yet it does not clearly warn that user-supplied content and possibly derived metadata will be transmitted off-platform. This creates a privacy and consent issue, especially if users assume URLs, comments, subtitles, or danmaku are processed locally.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The function writes a sensitive API key directly into .env with no confirmation, warning, or visibility controls. This is dangerous because users may not realize the secret is being persisted to disk, where it can be exposed through backups, source control mistakes, local file disclosure, or other tools reading the same workspace.

Ssd 3

Medium

Confidence: 94% confidence
Finding: The skill directs the model to ask the user for an API key in natural language and then persist it via `set_api_key`, creating a direct credential-collection and storage path. This is dangerous because users may disclose secrets into conversational context, and the skill does not describe secure storage, scoping, masking, rotation, or whether the key is written to disk in plaintext.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal