Back to skill

Security audit

Impossible Scene Generator

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal remote image-generation skill, with documentation gaps around external API use and token handling but no evidence of deception or malicious behavior.

Install only if you are comfortable sending prompts, reference image identifiers, and a Neta/Tales of AI API token to the external provider. Do not include secrets, private data, or confidential imagery in prompts or references, and prefer storing the API token in an environment variable or secret manager rather than passing it directly on the command line.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill explicitly instructs users to supply a Neta API token and invoke a script that necessarily makes outbound requests, yet the manifest declares only `tools: Bash` and no corresponding network permission. This creates a capability/permission mismatch that can bypass user expectations and platform safety controls, especially because the skill handles credentials and external data flows.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README tells users to supply prompts, tokens, and optional reference image UUIDs to a third-party image-generation service, but it does not clearly disclose that user-supplied content and identifiers are transmitted off-device to an external API. This can mislead users into sending sensitive or proprietary prompts, image references, or metadata without informed consent, which is a real privacy and data-handling risk for a skill centered on remote AI generation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.