Back to skill

Security audit

通用大模型 GPT 5.5

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for a hosted dLazy model API, with expected cloud transmission of prompts and user-supplied media paths, but it has minor documentation clarity issues.

Install only if you are comfortable sending prompts and any explicitly provided media files to dLazy’s hosted service and storing or supplying a dLazy API key. Prefer the `npx @dlazy/cli@1.2.0` path if you do not want a persistent global CLI, and verify the package/version mismatch before relying on the provenance note.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The documentation asserts that the skill itself does not access the network or file system, yet the same section states that prompts are sent to api.dlazy.com and local media paths are uploaded to files.dlazy.com via the CLI. This can mislead users and agents about actual data exfiltration and local-file handling behavior, increasing the chance that sensitive prompts or files are provided without informed consent.

Intent-Code Divergence

Low
Confidence
81% confidence
Finding
The provenance text says the pinned npm package version is 1.0.9, while the metadata and install instructions actually use 1.2.0. Version mismatches undermine supply-chain transparency and can cause reviewers to audit one version while users install another, weakening trust and potentially hiding behavior changes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.