
Security audit

Huo15 Influencer Video Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises: generate short product videos using disclosed external AI/TTS services and local media tools.

Install only if you are comfortable using billable Ark/Seedance or optional Volcengine TTS credentials and sending selected product images and scripts to those services. Run dry-run first, confirm estimated cost before full rendering, install dependencies from trusted sources, and choose output paths that will not overwrite important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
        "-c:a", "copy",
        video_out,
    ]
    subprocess.run(cmd, check=True, capture_output=True)
    return video_out
Confidence
88% confidence
Finding
subprocess.run(cmd, check=True, capture_output=True)

Tainted flow: 'video_url' from requests.get (line 108, network input) → requests.get (network output)

Medium
Category
Data Flow
Content
        print(f"  [{time.strftime('%H:%M:%S')}] {st}")
        if st == "succeeded":
            video_url = d["content"]["video_url"]
            with requests.get(video_url, stream=True, timeout=120) as vr:
                with open(output, "wb") as f:
                    for chunk in vr.iter_content(8192):
                        f.write(chunk)
Confidence
95% confidence
Finding
with requests.get(video_url, stream=True, timeout=120) as vr:

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases include very generic terms such as '生成视频', '产品视频', and '拍视频', which are likely to overlap with ordinary conversation. That increases the chance of accidental invocation, causing unintended external API usage, local file processing, and billable operations in contexts where the user did not specifically intend to activate this skill.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The aliases include broad generic names like '带货视频', 'AI视频生成', and '产品视频' without any activation constraints. In a skill that can write files, call external services, and incur usage charges, ambiguous aliases materially raise the risk of unintended activation and execution.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The pipeline uploads a user-supplied product image and generated prompt text to an external cloud API, but this file contains no explicit consent, warning, or data-handling notice. In a skill context that may process private images or commercial materials, undisclosed third-party transmission is a meaningful privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.
