Security audit

AI Interior Design Planner

Security checks across malware telemetry and agentic risk

Overview

This is a document-only interior design planning skill that appears safe, with privacy care needed if users upload room photos to the linked website.

Safe to install for design planning. Review the linked site's privacy terms before uploading room photos, and avoid sharing images that show faces, valuables, documents, addresses, or other identifying details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list contains broad, generic phrases such as 'interior design', 'color palette', and 'lighting plan' that are likely to overlap with normal user conversation and unrelated design tasks. This can cause unintended invocation or routing, leading users to disclose room photos, preferences, or household details to the wrong skill and degrading trust in the platform.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal