skill-image-compress

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a normal local image-compression skill, but users should review its npm dependency install and know that its large-file confirmation is only a warning.

Before installing, confirm you trust the skill source and npm dependencies, because setup may run npm install. Use recursive compression only on folders you intentionally select, and be aware that the shown large-file prompt does not actually require confirmation. The provided core compression file is truncated in the artifact view, so reviewing the complete source would improve assurance.

Static analysis

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing or first using the skill may run package-install code on your machine.

Why it was flagged

The installer runs npm install in the skill directory. This is consistent with installing sharp, but npm install can execute dependency lifecycle scripts in the local environment.

Skill content
execSync('npm install', {
  cwd: skillRoot,
  stdio: 'inherit'
});
Recommendation

Install only from a trusted source, review package.json, and run the installation manually if you want to control when npm code executes.

What this means

Future installs may not use exactly the same dependency versions that were reviewed here.

Why it was flagged

The dependency versions use semver ranges, so npm install may resolve newer compatible versions over time. No lockfile is present in the provided manifest.

Skill content
"dependencies": {
  "commander": "^12.1.0",
  "sharp": "^0.33.5"
}
Recommendation

Prefer a lockfile or pinned dependency versions for reproducible installs, especially before using the skill in sensitive environments.

What this means

Very large images may be processed without a real pause for confirmation, which could consume time, CPU, memory, or disk space unexpectedly.

Why it was flagged

The code prints a confirmation-style prompt for files over 50 MB but then continues without actually reading a user response.

Skill content
console.log('   压缩可能需要较长时间,确定继续吗?[Y/n]');

// Simple handling: continue regardless (in practice, readline could be used to wait for user input)
Recommendation

Treat the large-file message as a warning rather than a true confirmation, or ask the maintainer to implement an actual confirmation step.