Image Metadata Cleaner

Security checks across malware telemetry and agentic risk

Overview

This skill locally removes image metadata by creating cleaned copies, with no evidence of hidden data transfer, credential access, or destructive behavior.

Install if you need local image metadata cleanup. Use it only on images you own or are allowed to process, run dry-run before folder batches, review output locations, and use --overwrite only when you explicitly want to replace existing cleaned outputs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger phrase "clean image" is broad and can match common user requests unrelated to metadata sanitization, increasing the chance that this skill is invoked unexpectedly. Because the skill modifies files by writing sanitized copies, accidental invocation could lead to unintended processing, user confusion, or unnecessary file creation in contexts where the user did not specifically request metadata removal.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal