Back to skill

Security audit

Vision Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward cloud image analyzer that sends a user-selected image and optional prompt to Ollama Cloud, with no evidence of hidden collection, persistence, or destructive behavior.

Install only if you are comfortable sending chosen images and prompts to Ollama Cloud for processing. Avoid using it on screenshots, documents, photos, or UI captures containing secrets, private personal information, customer data, or proprietary material unless that sharing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes a script that uses environment variables and makes network calls, but the skill manifest does not declare corresponding permissions. This undermines transparency and consent: users may run a seemingly simple image-analysis skill without being clearly informed that it accesses secrets from the environment and communicates externally.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill description says it analyzes local images but does not clearly warn that image contents are sent to a cloud API for processing. This creates a privacy and data-handling risk because users may provide screenshots, documents, or photos containing sensitive information under the mistaken assumption that analysis is local.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script base64-encodes the supplied local image and sends it to a remote cloud API, but it does not provide any explicit user-facing consent, warning, or data-handling notice at execution time. In the context of an image-analysis skill, users may pass screenshots, documents, or personal photos containing sensitive data, so silent transmission to a third party creates a real privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.