Drpy Source Creator

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its stated video-source debugging purpose, but it includes an unsafe helper script and under-scoped guidance around cookies, logs, and third-party parser requests.

Install only if you are comfortable reviewing and running local helper scripts. Do not run the minifier on untrusted or oddly named files until the shell invocation is fixed, avoid putting personal browser cookies into shared configs, redact headers and URLs before sharing logs, and verify any third-party parser URL before using an example source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The script builds and executes shell commands with child_process.execSync using user-supplied file paths. Although the paths are wrapped in double quotes, shell metacharacters such as embedded quotes can still break out of the intended argument context, creating a command injection risk if an attacker controls inputFile or outputFile. In this skill context, the tool is intended to process source files, so accepting arbitrary file names from users makes the issue more relevant rather than less.

Missing User Warnings

Medium
Confidence: 89%
Finding
The lazy parser performs outbound requests to the site page, a dynamically selected player script, and then a third-party parsing API without any disclosure, allowlist, or validation of the destination. This can expose user viewing activity and request metadata to external services, and because the parse endpoint is derived from remotely fetched content, it creates a trust-on-first-use style data exfiltration and unsafe remote dependency risk.

Missing User Warnings

Medium
Confidence: 91%
Finding
The guide explicitly instructs users to add Referer and Cookie headers to bypass 403-style protections, but it does not warn that cookies may contain session tokens, personal identifiers, or other sensitive credentials. In a scraping/debugging skill, users may copy live browser cookies into configs or share configs/logs, creating a realistic risk of credential leakage, account misuse, and privacy exposure.

Missing User Warnings

Medium
Confidence: 95%
Finding
The troubleshooting section recommends wrapping the request function to log full URLs, options, and response details, but gives no warning that these logs can capture cookies, authorization material, query tokens, or other sensitive request metadata. Because this skill is specifically for debugging networked video-source integrations, verbose logging is likely to be used on real endpoints and then copied into chats, issues, or shared files, increasing exposure risk.

VirusTotal

66/66 vendors flagged this skill as clean.
