Back to skill

Security audit

Codex Pet Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Codex pet generator that uses image generation, local image-processing scripts, and a persistent custom pet folder for its stated purpose.

Install this only if you want Codex to generate custom pet packages. Expect image-generation calls, possible narrow web searches for brand-only requests, local run artifacts, and a persistent pet folder under your Codex home directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
95% confidence
Finding
The activation text is extremely broad and can trigger on generic requests involving keywords, images, repair, packaging, installation, or even vague mentions of 'Codex pet', increasing the chance the skill runs in contexts the user did not intend. Because this skill performs substantial file operations and multi-step generation/packaging workflows, accidental invocation can cause unintended workspace changes, unnecessary external calls, or installation of generated artifacts.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default prompt is framed as a generic one-click invocation for turning 'my keyword or reference image' into a complete package, but it does not define clear activation boundaries or user-consent constraints. In an agent environment, such broad triggering can cause over-invocation, accidental execution on ambiguous inputs, or use in contexts the user did not clearly intend, which expands the attack surface for prompt injection or unintended file-generation actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.