Poster Designer

Security checks across malware telemetry and agentic risk

Overview

This is a real poster-generation skill, but one included helper can turn poster text or file paths into shell command execution on the user's machine.

Review before installing. Use this only with trusted poster text and trusted file paths, and avoid the composition helper until it is changed to call ImageMagick with argument arrays or a safe image library. Do not include confidential prompts, private images, or sensitive marketing details unless you are comfortable sending them to Gemini.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The script builds a shell command string containing user-controlled values such as the image path, output path, and poster text, then executes it with execSync. Escaping only double quotes is insufficient for shell safety because command substitution and other shell metacharacters can still be interpreted inside double-quoted strings, enabling command injection and arbitrary command execution.

Missing User Warnings

Low
Confidence: 95%
Finding
The generated HTML directly interpolates user-supplied text into element content and an image-derived filename into an attribute without HTML escaping. If attacker-controlled text includes markup or script payloads, opening the generated file in a browser can trigger script execution, creating a stored/local XSS issue in the produced artifact.

VirusTotal

66/66 vendors flagged this skill as clean.
