UAV Farm Health Index Map | 无人机农田健康指数图生成

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill claims to analyze UAV farm imagery, but its packaged code and references include mismatched video/pet/human-health analysis behavior plus account and token handling that users should review before installing.

Install only if you are comfortable sending farm imagery, URLs, and a user identifier to the publisher’s remote service, and with the skill creating local account/token storage. The package should be corrected to use agricultural-only code and docs, remove pet/video/human-health remnants, replace the bad yaml dependency, and clearly disclose upload, account, token, and history-report handling before routine use.

SkillSpector (29)

By NVIDIA

Description-Behavior Mismatch

Medium

Confidence: 90% confidence
Finding: Adding cloud-based historical report retrieval and report-link presentation expands the skill from current-image analysis into account-linked data access. That increases exposure of prior reports and metadata beyond what a user would reasonably expect from a one-shot imagery analysis skill.

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The workflow requires collecting an open-id derived from a username or phone number, introducing identity binding and account correlation not disclosed by the manifest's core purpose. This can expose personal identifiers and link farm imagery/report data to a specific user account without clear privacy boundaries.

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: The skill instructs reading configuration files to obtain an api-key/open-id before analysis, which is a credential-access pattern outside the expected scope of image processing. Accessing local config secrets from shared workspace paths risks unauthorized credential use, cross-skill secret leakage, and abuse of existing identities.

Context-Inappropriate Capability

High

Confidence: 97% confidence
Finding: The code injects a default "petType" parameter into an agricultural UAV analysis request, which is unrelated to crop health mapping and strongly suggests copied or repurposed logic from another domain. This can misroute requests, trigger unintended backend behavior, contaminate analysis results, or expose hidden server-side functionality if the backend interprets the unexpected parameter semantically.

Intent-Code Divergence

High

Confidence: 95% confidence
Finding: The inline comment explicitly states that a pet-type parameter was added in a farm-analysis skill, confirming domain-inconsistent behavior rather than an accidental variable name alone. This increases confidence that unrelated business logic has been introduced, creating risk of hidden functionality, incorrect processing, or unauthorized feature access through unexpected request parameters.

Description-Behavior Mismatch

High

Confidence: 94% confidence
Finding: The script claims to perform UAV farmland health-index analysis but routes input into a generic pet-analysis interface and even accepts a pet-type parameter. This semantic mismatch can cause data to be processed by the wrong backend or model, leading to incorrect outputs, accidental disclosure to unrelated services, and unsafe downstream agricultural decisions based on invalid analysis.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: The CLI advertises agricultural image analysis but exposes a classification argument limited to cat/dog/other. This inconsistency is dangerous because operators may unknowingly send farm imagery through an incompatible classification path, producing misleading results and masking backend misuse.

Description-Behavior Mismatch

High

Confidence: 98% confidence
Finding: The referenced API documentation is fundamentally inconsistent with the stated UAV farmland analysis skill: it documents a generic video upload endpoint that performs face detection and human health/constitution diagnosis. This mismatch is dangerous because integrators may unknowingly send farm imagery or even unrelated human video to an endpoint designed for a different purpose, creating risks of data misuse, incorrect processing, privacy exposure, and deceptive capability claims.

Intent-Code Divergence

High

Confidence: 99% confidence
Finding: The request and response schema explicitly describe human face detection and health diagnosis rather than agricultural remote-sensing analysis, despite being presented as supporting this UAV farm health-mapping skill. In context, this increases the likelihood of unsafe integrations, accidental transmission of sensitive imagery to an unrelated backend, false operational decisions based on invalid outputs, and potential regulatory/privacy issues if human subjects appear in uploaded videos.

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The code implements a generic video-analysis CLI and exposes parameters like --input/--url for MP4 analysis, which materially contradicts the declared UAV farmland health-index mapping purpose. This kind of capability/manifest mismatch is dangerous because operators may trust the skill for agricultural decision support while it actually invokes unrelated analysis logic, creating a supply-chain integrity problem and enabling deceptive or unintended processing of user data.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: User-facing descriptions and function docstrings repeatedly state that the tool analyzes video, directly conflicting with the advertised crop-health mapping capability. This is a security-relevant integrity issue because misleading documentation can cause users and downstream systems to submit the wrong data types, misunderstand the processing being performed, and make unsafe operational decisions based on false assumptions.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: This file exposes generic add/edit/delete and raw HTTP verb wrappers that are far broader than the skill's stated purpose of generating UAV farm health-index maps. In a plugin or agent environment, such overbroad network and mutation primitives increase the attack surface and can be repurposed to call arbitrary backend endpoints or perform unintended state-changing actions unrelated to the advertised analysis workflow.

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The presence of add, edit, and delete remote operations is inconsistent with a manifest describing an analysis-oriented imaging skill that should mainly ingest imagery and return map results. This mismatch can mislead users and reviewers about the actual capability set, enabling unauthorized or unexpected modification of remote resources if the wrappers are reachable by the agent or other components.

Context-Inappropriate Capability

Medium

Confidence: 92% confidence
Finding: The shared configuration layer reads platform/user identity values from environment variables and stores them in global class attributes, even though this UAV farm health-index skill does not appear to require user-identity ingestion to perform image-based agronomic analysis. In a shared runtime, this creates unnecessary collection and propagation of identifying metadata, increasing privacy exposure and making it easier for downstream code to silently couple farm analysis with user tracking or cross-tenant context.

Description-Behavior Mismatch

High

Confidence: 89% confidence
Finding: The file defines persistent user-account storage, including identity fields and account-like metadata, which is unrelated to the described UAV imagery health-map function. Hidden user data handling broadens the attack surface, creates unnecessary privacy and secret-management risk, and may enable unauthorized persistence of account information in a skill that users would not expect to manage identities.

Context-Inappropriate Capability

High

Confidence: 95% confidence
Finding: Storing token and open_token fields in a local SQLite-backed user table introduces credential-handling behavior unrelated to farm-image analysis. If the database is exposed, copied, or improperly accessed, these secrets could be reused for account compromise or unauthorized API access.

Description-Behavior Mismatch

Medium

Confidence: 84% confidence
Finding: The DAO automatically creates and alters a persistent SQLite schema under the workspace, adding undisclosed stateful behavior beyond the stated analysis workflow. In this skill context, unexpected local persistence is more suspicious because the manifest describes image analysis outputs, not background account/database management.

Context-Inappropriate Capability

High

Confidence: 93% confidence
Finding: This utility performs hidden account creation/login, token retrieval/storage, and a payment-upgrade flow that are unrelated to the advertised UAV imagery analysis function. That mismatch is dangerous because invoking a seemingly agricultural analysis skill can silently transmit identifiers, provision remote accounts, and steer users into external billing flows without clear consent or scope limitation.

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The implemented behavior is dominated by generic external-service authentication and token management rather than vegetation-index or map-analysis logic described in the manifest. This functionality mismatch increases supply-chain risk because the skill may act as a wrapper for unrelated backend operations while users believe they are only processing farm imagery.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The default trigger condition is broad enough to activate on generic image-analysis requests whenever imagery is uploaded, which can cause unintended execution of file-saving and remote-processing behavior. Overbroad activation is risky here because the skill also performs network submission and account-linked operations.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The workflow indicates uploaded imagery and identifiers are sent to a remote API, but the skill lacks a clear privacy warning and consent step before transmission. This is dangerous because UAV imagery may contain sensitive location, operational, or proprietary agricultural data, and the open-id links that data to an account.

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The script requires an open_id and stores it in process-wide state without any notice about privacy, retention, or downstream sharing. In this context, user identifiers may be tied to farm ownership, operations, or account data, creating privacy and compliance risk if logged, reused across requests, or exposed through errors.

Missing User Warnings

Medium

Confidence: 69% confidence
Finding: The script accepts a remote URL as analysis input but gives no explicit warning that content may be fetched or transmitted over the network. In a UAV-imagery workflow, this can expose sensitive farm location data or cause unintended retrieval of attacker-controlled URLs, increasing privacy and SSRF-style risk depending on the downstream implementation.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The API documentation instructs users to upload videos or provide public video URLs without any privacy or data-handling warning. Even in an agricultural context, UAV imagery can capture neighboring properties, workers, vehicles, or other identifiable/sensitive information, so silent transmission to a remote service creates avoidable privacy and compliance risk.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill uploads either raw local file contents or a user-supplied remote URL to an external analysis service without any visible consent, warning, redaction step, or destination transparency in this file. This creates a real privacy and data-governance risk because sensitive imagery, metadata, or internal URLs may be transmitted off-system unexpectedly, especially in enterprise or regulated agricultural environments.

Static analysis

Install untrusted source

Warn

Finding: Install source points to URL shortener or raw IP.

Dep not found on registry

Critical

Finding: 1 package(s) referenced in dependency files do not exist on their public registries: yaml (pypi)

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal