Long Image Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent long-image generator, with normal cautions around rendering user content and using external assets.

Install if you want an agent to generate long vertical images. Avoid feeding it confidential notes unless you are comfortable with any remote fonts/CDN assets and any upload or temporary-link step used to share the output; review generated HTML handling if the input contains untrusted markup.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger conditions are broad enough to match many ordinary requests such as posters, vertical images, or knowledge cards, which can cause the wrong skill to activate and handle user input outside its intended scope. In this skill, over-triggering is more concerning because it renders user content into HTML/JS for a canvas workflow and references external assets, increasing the chance of unsafe downstream handling or unintended file generation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal