Security audit

Image Editor

Security checks across malware telemetry and agentic risk

Overview

This skill is a remote image-editing connector that clearly matches its stated purpose, with normal privacy considerations around uploading and storing images.

Install only if you are comfortable sending image inputs to AgentPMT-hosted infrastructure. Avoid using it on confidential screenshots, IDs, private photos, or regulated data unless your account and retention requirements allow it; use return_base64 or store_file=false where supported if you do not need stored output links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill explicitly supports remote image upload by URL/base64/file ID and notes that outputs are stored in cloud storage by default, but it does not prominently warn at the start that user-provided images and derived outputs are transmitted to a third-party service and retained for up to 7 days. This can lead agents or users to send sensitive screenshots, IDs, or private imagery off-platform without informed consent or minimization.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The schema repeatedly sets store_file to true by default for edited outputs, but does not clearly warn users that their images will be persisted to cloud storage unless they opt out. This can lead to unintended retention of sensitive images, thumbnails, watermarked assets, or derived content, creating confidentiality and data-governance risk in normal use.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The schema allows fetching source images from public URLs without warning that this causes network access to third-party hosts and may disclose user intent, IP/service metadata, or trigger retrieval of sensitive externally hosted content. In an agent setting, users may not realize that supplying a URL causes remote fetching rather than purely local processing.

VirusTotal

54/54 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.