one-number-explains-video-gen

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed WeryAI video-generation skill whose API key, network use, paid generation, and optional local image upload are documented and aligned with creating short data-stat videos.

Install this only if you intend to use WeryAI and are comfortable providing a WERYAI_API_KEY to a paid third-party video service. Review the final prompt before generation, prefer public HTTPS image URLs, and only provide a local image path when you intentionally want that exact file uploaded to WeryAI.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
This is a mismatch because the declared description presents a narrow, content-specific tool for creating data-hook style vertical videos with hero numbers, counters/graphs, meaning lines, and timed English captions. The actual code does not implement any specialized data-visualization, captioning, ticker, graph, or stat-hook logic. Instead, it provides a broad WeryAI API wrapper for generic video generation, including model discovery, file upload, task submission, and status polling. Those capabilities are materially broader and different from the declared purpose.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The skill description mandates "English subtitles" as a default behavior. This is a natural-language locale policy concern because it imposes a specific language choice rather than offering the user a language selection or framing English as optional.

Natural-Language Policy Violations

Medium
Confidence
98% confidence
Finding
This line explicitly tells the skill to translate a Chinese brief into English on-screen text unless the user says otherwise. That is a direct language-policy violation because it defaults to a specific language without affirmative user opt-in.

VirusTotal

66/66 vendors flagged this skill as clean.
