baiyin-image-generate-skill

Security checks across malware telemetry and agentic risk

Overview

The skill may be useful, but it appears to let an agent upload local files to a remote service without clear user confirmation.

Review before installing. Only use this skill with files you intentionally want to send to its remote service, and prefer a version that asks for explicit confirmation and names the destination before uploading any local path.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill instructs the agent to treat any non-HTTP(S) input as a local path and automatically upload it to a remote endpoint, without requiring explicit user confirmation or warning that data will leave the local environment. This creates a real risk of unintended exfiltration of local files, sensitive attachments, or private resources if a user supplies a path, pasted tokenized reference, or other non-public locator.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal