photo-alchemy

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed AI photo-art skill, but users should understand that private photos, face names, API keys, and run history may be handled by external services or local storage.

Install only if you trust the external imagemine package and installer. Use dedicated Anthropic and Gemini API keys, avoid sensitive Photos albums, use character mappings if real names should not be sent to providers, protect or remove ~/.imagemine.db when finished, and enable launchd scheduling only if you want ongoing background API use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documentation states that it reads face-detection names from Apple Photos and uses them in prompts, and elsewhere describes sending the resized image and prompt data to external AI providers. That means sensitive biometric-adjacent metadata and user photos may be transmitted off-device without an explicit, prominent privacy warning or consent flow, creating a real privacy and data-handling risk.

VirusTotal

VirusTotal findings are pending for this skill version.
