agnes-image-video

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Agnes AI image/video generation helper; it sends user prompts and image URLs to Agnes and saves returned media locally, which matches its stated purpose.

Install only if you are comfortable sending prompts, referenced image URLs, and Agnes account-linked API usage to Agnes AI. Use an environment variable or approved secret store for the API key, avoid sensitive or private images unless you intend to share them with the provider, and be aware that the helper script saves generated files locally and downloads provider-returned media URLs without extra validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Tainted flow: 'url' from httpx.post (line 54, network input) → httpx.get (network output)

Medium
Category
Data Flow
Content
```python
if args.mode == "image":
    url = generate_image(api_key, args.prompt, args.size, args.seed, args.image_urls)
    # Download the image
    resp = httpx.get(url)
    ext = "jpg" if b"JPEG" in resp.content else "png"
    file_path = output_dir / f"image_{int(time.time())}.{ext}"
    file_path.write_bytes(resp.content)
```
Confidence
89% confidence
Finding
resp = httpx.get(url)

Tainted flow: 'video_url' from httpx.get (line 104, network input) → httpx.get (network output)

Medium
Category
Data Flow
Content
```python
)
# Download the video
print("正在下载视频...")
resp = httpx.get(video_url)
file_path = output_dir / f"video_{int(time.time())}.mp4"
file_path.write_bytes(resp.content)
print(f"视频已保存: {file_path}")
```
Confidence
90% confidence
Finding
resp = httpx.get(video_url)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documents code-like capabilities that use environment variables, network access, and local file output, but it does not declare corresponding permissions or constraints. This creates a transparency and governance gap: users and the host agent may not realize the skill can exfiltrate prompts/media to a third party and write generated outputs locally.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger scope is broad enough to activate on generic image/video requests, which can cause unintentional routing of user content to this third-party service. Overbroad activation increases the chance that sensitive prompts, images, or attachments are sent externally without the user specifically choosing this provider.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to send prompts, image URLs, and API credentials to an external API but does not provide an explicit privacy warning or informed-consent step. This is dangerous because users may unknowingly disclose sensitive text, media, or secrets to a third-party processor, creating privacy, compliance, and credential-handling risks.

External Transmission

Medium
Category
Data Exfiltration
Content
```python
import httpx

response = httpx.post(
    "https://apihub.agnes-ai.com/v1/images/generations",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={
```
Confidence
91% confidence
Finding
httpx.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
For image-to-image generation you **must** add `"img2img"` to `tags`; otherwise the model treats the request as text-to-image:

```python
response = httpx.post(
    "https://apihub.agnes-ai.com/v1/images/generations",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={
```
Confidence
92% confidence
Finding
httpx.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
Pass multiple image URLs in `extra_body.image`:

```python
response = httpx.post(
    "https://apihub.agnes-ai.com/v1/images/generations",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={
```
Confidence
90% confidence
Finding
httpx.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
```python
import time

# Step 1: create the video task
create_resp = httpx.post(
    "https://apihub.agnes-ai.com/v1/videos",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={
```
Confidence
90% confidence
Finding
httpx.post( "https://

VirusTotal

65/65 vendors flagged this skill as clean.
