Back to skill

Security audit

GoAI Image to PPT

Security checks across malware telemetry and agentic risk

Overview

This looks like a real GoAI image-to-PowerPoint converter, but it needs review because it uploads local inputs and automatically opens a downloaded file, including through a risky Windows shell path.

Install only if you are comfortable sending the selected images to GoAI and using a GOAI_API_KEY that may consume credits. Avoid confidential screenshots or private documents unless remote processing is acceptable. On Windows especially, prefer a version that removes shell=True and asks before opening the generated presentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
elif system == "Linux":
            subprocess.run(["xdg-open", path], check=True, capture_output=True)
        elif system == "Windows":
            subprocess.run(["start", "", path], check=True, shell=True, capture_output=True)
    except subprocess.CalledProcessError:
        pass
Confidence
95% confidence
Finding
subprocess.run(["start", "", path], check=True, shell=True, capture_output=True)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill states that local image files are uploaded to a third-party service, but the description and usage guidance do not prominently warn users before upload occurs. This creates a real privacy and data-handling risk because users may provide screenshots or images containing sensitive information without realizing they will leave the local machine.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This code uploads local image files to a remote GoAI-controlled service whenever the input is not already a URL, but it provides no user-facing disclosure or confirmation at the upload point. In an agent skill context, that can cause unintended exfiltration of sensitive local files if a user or upstream agent passes a local path without realizing the file will leave the machine.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This function performs the same behavior for general local files, reading bytes from disk and sending them to a signed remote upload URL without any warning in the code path. Because agent workflows may supply file paths indirectly, the absence of explicit disclosure increases the risk of accidental transmission of confidential documents to an external service.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The function downloads arbitrary remote content from a provided URL and writes it to a local filesystem path with no user-facing notice or safety validation. In an agent environment, this can overwrite files in user-accessible directories or place untrusted content locally, which may later be opened or executed by the user or another tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.