Security audit

Ghost Portrait Generator

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward ghost-image generator that sends user prompts and a Neta API token to the disclosed image-generation API.

Install only if you are comfortable sending prompts, optional reference UUIDs, and your Neta API token to api.talesofai.com. Avoid sensitive personal or confidential prompts, use a scoped or disposable token where possible, and be aware that command-line tokens can be exposed by your shell or runtime environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 93%
Finding
The README instructs users to send free-form prompts, optional reference-image identifiers, and an API token to a third-party image-generation service, but it does not warn that this data leaves the local environment and may be stored, logged, or reused by the provider. In an agent-skill context, users may paste sensitive personal, proprietary, or identifying content into prompts or supply references tied to private images, so the lack of disclosure creates a meaningful privacy and data-handling risk.

Vague Triggers

Medium
Confidence: 85%
Finding
The phrase 'Use when someone asks to generate or create ghost portrait ai generator images' is broad and underspecified, which can cause the skill to trigger in loosely related conversations without clear user intent. Over-broad invocation increases the chance of unexpected execution, unnecessary data transfer to an external image API, and accidental use in contexts where users did not explicitly consent to third-party processing.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script accepts the API token via a command-line flag, which commonly exposes secrets through shell history, process listings, CI logs, and telemetry. Although the token is only sent to the intended API in a request header, the insecure input mechanism creates a real credential leakage risk for anyone running the skill.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.