Musecard

Security checks across malware telemetry and agentic risk

Overview

This appears to be a creative image-prompt skill, not malware, but it needs review because it asks for broad file-write authority and can automatically steer vague anime styling requests toward suggestive, age-ambiguous prompts.

Install only if you want this specific illustration-card workflow. Consider removing or limiting Write access unless you need file creation, and use explicit instructions that anime characters must be clearly adult and non-sexualized when using the ‘香度/萌点’ features.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The manifest trigger is broad enough to match common requests for image creation, quote cards, or vertical illustrations, which can cause the skill to activate when the user did not explicitly intend to use it. This creates a prompt-scope risk where the skill's strong behavioral instructions, including automatic style and sexualized '萌点/香度' escalation, may steer unrelated conversations or produce unwanted content.

Vague Triggers

Low

Confidence: 83% confidence
Finding: The instruction to automatically choose the 'most suitable' style when the user does not specify one is underspecified and gives the skill broad latitude to impose its own framing. In this skill, that is more concerning because some branches explicitly escalate toward sexualized anime aesthetics on vague cues like '要香一点', increasing the chance of misclassification and unwanted outputs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal