WeryAI video tool — watermark remove

Security checks across malware telemetry and agentic risk

Overview

This skill is narrowly scoped to user-confirmed watermark removal by sending a public HTTPS video URL to WeryAI, with no evidence of hidden local access or persistence.

Install only if you are comfortable sending the video URL and optional watermark-region coordinates to WeryAI under your WeryAI API key. Confirm the exact URL and regions before paid submit or wait runs, use dry-run first, and avoid signed, private, internal, or sensitive media URLs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: This skill transmits user-supplied video URLs and optional watermark region coordinates to the third-party WeryAI API, but the code provides no explicit user-facing disclosure or consent step before external transmission. Even though the transfer is core to the skill’s purpose, the lack of transparency can expose sensitive media references or processing instructions to an external service without the user clearly understanding that data leaves the local/runtime boundary.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal