NSFW Video Generation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples explicitly embed an Authorization: Bearer YOUR_API_KEY header in curl commands, which encourages placing API keys directly into command-line requests so an LLM would need to include secret values verbatim if populated.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly instructs users to disable the API safety checker (enable_safety_checker: false) to bypass moderation and generate NSFW content, which deliberately facilitates creation of potentially non-consensual or illicit deepfake sexual material and privacy abuse, even though it does not contain code-level backdoors, credential exfiltration, or remote-exec payloads.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary image URLs in the "Image-to-Video Animation" flow (see the image_urls parameter and example request in SKILL.md), meaning it fetches and ingests untrusted public content that the agent must interpret and that directly influences generation behavior.