P图

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal image-editing skill with an expected Pillow dependency, though users should treat image files and unpinned dependencies with normal caution.

Install only if you are comfortable running a Python image-processing dependency. Prefer a reviewed, pinned Pillow version and keep it updated, especially when editing images from untrusted sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrase "P一下图片" is very broad and colloquial, so it can easily match ordinary user conversation rather than an intentional invocation of this skill. That creates an overbroad activation surface where the skill may run unexpectedly on unrelated image-editing requests, causing unintended tool use or workflow hijacking.

Unpinned Dependencies

Low

Category: Supply Chain
Content: pillow>=10.0.0
Confidence: 96% confidence
Finding: pillow>=10.0.0

Known Vulnerable Dependency: pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical

Category: Supply Chain
Confidence: 82% confidence
Finding: pillow

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal