Back to skill

Security audit

PixelMagic-PhotoLogic-9z

Security checks across malware telemetry and agentic risk

Overview

This is a local ImageMagick-based photo editor with expected file and command use, but users should understand the local dependency and retained image files.

Install only if you are comfortable with a local ImageMagick workflow. Review any suggested winget, brew, or apt command before running it, process sensitive photos in a directory you control, keep ImageMagick updated, and delete the generated work folder if you do not want original backups, logs, or edited derivatives retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
cmd = [self.magick_path] + args
        try:
            result = subprocess.run(
                cmd,
                capture_output=True,
                text=True,
Confidence
88% confidence
Finding
result = subprocess.run( cmd, capture_output=True, text=True, timeout=300 )

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill clearly instructs the agent to read and write local files and invoke shell commands (`magick`), yet no permissions are declared. This creates a transparency and policy-enforcement gap: a host may not present meaningful consent boundaries to the user, while the skill still performs filesystem and command-execution actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description promises automatic detection and installation of ImageMagick without explicit confirmation, which means the skill may modify the local system by installing software as a side effect of normal use. Silent package installation increases supply-chain and integrity risk and can surprise users in environments where software changes are tightly controlled.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill mandates creating per-image workspaces, temporary JPGs, parameter logs, and final copies, but does not clearly warn the user beforehand that local files and potentially sensitive image derivatives will be stored on disk. For photo-processing workflows, these artifacts can expose private content, metadata, and editing history if retained unexpectedly.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.