Back to skill

Security audit

Baoyu Seedream Ppt

Security checks across malware telemetry and agentic risk

Overview

This is a coherent PPT image-generation skill that uses a user-provided file and Seedream API to create images and a PPT, with no hidden persistence or destructive behavior found.

Install only if you are comfortable sending the selected slide content and generated prompts to Volcengine/Seedream using your configured API key. Avoid using confidential documents unless you have permission to process them with that external service, and review the generated prompts before the final image-generation step for sensitive presentations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation describes capabilities to read user-provided files, write output files, and call an external image-generation API, but it does not declare permissions or scope limits. This creates a real security gap because the agent may be allowed to access local content and transmit it externally without explicit least-privilege controls or user-visible consent boundaries.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The direct invocation examples accept broad inputs such as arbitrary file paths or pasted content without stating clear limits on what files may be accessed or what content may be processed. In an agent setting, this can encourage overbroad file access or accidental handling of sensitive data beyond the user's intended scope.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill openly depends on an external API key and remote image-generation service, and it says user content and materials may be analyzed, but it does not clearly warn that this data will be transmitted to a third party. That omission is dangerous because users may unknowingly send proprietary documents, internal notes, or linked materials to an external provider.

External Transmission

Medium
Category
Data Exfiltration
Content
"size": resolution
    }
    
    response = requests.post(
        f"{BASE_URL}/images/generations",
        headers=headers,
        json=data,
Confidence
88% confidence
Finding
requests.post( f"{BASE_URL}/images/generations", headers=headers, json=

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.