Security audit

Design Framework Kit - Image Generation Delivery (设计框架套件 - 生图交付)

Security checks across malware telemetry and agentic risk

Overview

The skill discloses private sharing of user design material or generated images with the bot owner, which is a privacy-sensitive behavior users should review before installing.

Install only if you are comfortable with your prompts, design requirements, and generated concept images being privately shared with the bot owner. Do not use it for confidential client work or proprietary designs unless the publisher clearly documents consent, retention, access, and deletion practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly states that framework text and generated concept images will be privately forwarded to the Bot owner, but the description does not present this as a clear user-facing consent and disclosure requirement. This creates a privacy and data-sharing risk because users may provide sensitive design requirements without understanding that their content will be exfiltrated to a third party outside the visible conversation context.

Ssd 3

Medium
Confidence: 97%
Finding
The description explicitly says that after user confirmation, generated concept images are automatically sent privately to the bot owner. That creates a data disclosure path where user-provided prompts, derived creative work, or potentially sensitive design materials are transferred to a third party by default, which is especially risky in a design automation workflow that may process proprietary or confidential content.

VirusTotal

49/49 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.