Security audit

Cosplay Reference Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises: it sends a cosplay image prompt to a disclosed external image-generation API and returns an image URL.

Install only if you are comfortable sending your prompt, optional reference image UUID, and Neta API token to the external image-generation service. Prefer using a fresh or low-privilege token, avoid sensitive or confidential prompts, and rotate the token if you pasted it into shell history, logs, or shared screenshots.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 96%
Finding
The README explicitly tells users to supply the API token on the command line, which commonly exposes secrets through shell history, process listings, audit logs, and screenshots or copied commands. Because this is installation and usage guidance, users are likely to follow it verbatim, making inadvertent credential leakage more likely.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description does not warn that user prompts and optional reference-image UUIDs are sent to an external image-generation service. This creates a privacy and consent issue because users may unknowingly provide sensitive character concepts, proprietary designs, or reference identifiers to a third party.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill accepts the API token via a command-line flag, which commonly exposes secrets through shell history, process listings, CI logs, and telemetry. Because the token is then sent as an authentication header to a remote service, accidental disclosure can enable unauthorized use of the account or quota consumption.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.