DD Video Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill transparently downloads a user-supplied video and creates local transcript, audio, and frame files for analysis.

Install only if you are comfortable processing remote videos locally and storing downloaded media, transcripts, and screenshots on disk. Use trusted or authorized URLs, choose a private output directory, monitor storage for long videos, and avoid piping sensitive transcripts to external AI tools unless you intend to share that content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill instructs users to download arbitrary remote video content and produce multiple local artifacts (video, audio, transcripts, frames) but does not clearly warn about bandwidth use, disk consumption, copyrighted or untrusted content, or the privacy implications of storing extracted media and transcripts locally. This omission can lead users or agents to fetch large or sensitive content unexpectedly and persist it on disk in ways that increase legal, operational, and data-handling risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal