Back to skill

Security audit

image-face-recognition

Security checks across malware telemetry and agentic risk

Overview

This face-recognition skill is not malicious, but it handles sensitive biometric identification with broad triggers and little disclosure about provider, consent, or data handling.

Review before installing. Use only for explicit, authorized face-recognition tasks, verify the missing script and recognition provider, use a limited API key, and confirm how submitted images and face-identification results are stored, shared, and deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill advertises very broad activation criteria such as 'ai related functionality', 'automating recognition tasks', and 'image operations', which could cause an agent to invoke this face-recognition capability for many unrelated user requests. Because the skill performs biometric identification, overly broad routing increases the chance of unnecessary processing of sensitive facial data and unintended use in contexts where face recognition was not explicitly requested.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.