Back to skill

Security audit

LiblibAI Image & Video Gen

Security checks across malware telemetry and agentic risk

Overview

This is a normal LiblibAI image and video generation skill, with the main caveat that prompts and media URLs are sent to LiblibAI.

Install this if you intend to use LiblibAI for image or video generation. Avoid submitting confidential prompts, private image URLs, or sensitive media unless you are comfortable sharing that content with LiblibAI under its data-handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill documentation indicates use of environment variables for API credentials and outbound network access, but it does not declare corresponding permissions. Undeclared capabilities reduce transparency and can bypass expected consent/review boundaries, especially for a skill that can send user prompts and media to an external service.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger description is broad enough to match many ordinary image or video creation requests, which can cause this skill to be invoked in contexts the user did not specifically intend. Because the skill uses an external API and credentials, overbroad activation increases the chance of unnecessary data transmission or unintended third-party processing.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The README explains that API keys are required and that prompts/media are sent to LiblibAI, but it does not clearly warn users about privacy, retention, or third-party handling implications. In a media-generation skill, users may submit sensitive prompts or reference images, so lack of notice can lead to uninformed disclosure to an external provider.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
This client sends user prompts and any supplied reference image URLs to a third-party API endpoint, but the code provides no user-facing disclosure, consent flow, or minimization around that external sharing. In an agent skill context, prompts and URLs may contain sensitive or proprietary data, so silent transmission creates a real privacy and data-handling risk even though the network call itself is expected functionality.

External Transmission

Medium
Category
Data Exfiltration
Content
"""Make authenticated POST request to LiblibAI API."""
    params = make_sign(uri, ak, sk)
    url = f"{BASE_URL}{uri}"
    resp = requests.post(url, params=params, json=body, headers={"Content-Type": "application/json"}, timeout=30)
    resp.raise_for_status()
    data = resp.json()
    if data.get("code") and data["code"] != 0:
Confidence
89% confidence
Finding
requests.post(url, params=params, json=

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.