Security audit

Industrial Mecha Style Transform (Seedance 2.0)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paid WeryAI video-generation skill with expected API-key, network, and optional image-upload risks that users should handle carefully.

Use this only if you trust WeryAI and are comfortable providing a paid WERYAI_API_KEY. Prefer a dedicated or limited API key, confirm the full prompt and SEEDANCE_2_0 model before each run, and use public HTTPS image URLs unless you intentionally want a specific local image uploaded to WeryAI.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding
The skill declares no explicit permissions while clearly requiring both secret environment access (`WERYAI_API_KEY`) and outbound network access to third-party WeryAI endpoints. This under-declaration is dangerous because installers and reviewers may not realize the skill can exfiltrate data to an external service or incur paid API usage, especially given the documented possibility of local image upload.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 89%
Finding
The skill claims to be locked to `SEEDANCE_2_0` and framed as a narrow mecha-style generator, but the documented underlying script can list models, accept arbitrary model values, perform generic generation, poll tasks, and potentially upload local files. This mismatch weakens user trust boundaries: a caller may believe the skill is constrained and low-risk when the actual implementation has broader networked behavior and can send unexpected content, including local images, to a third-party service.

Missing User Warnings

Medium
Confidence: 94%
Finding
The documentation explicitly states that local image paths will be automatically uploaded to a remote WeryAI endpoint before generation, but it does not present this as a privacy/security warning or require explicit user acknowledgement. In a skill context, users may reasonably assume local files stay local unless clearly warned, so this can cause unintended exfiltration of sensitive images, metadata, or proprietary assets to a third-party service.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.