摄影照片评分/Photo Scorer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local photo-aesthetic scorer with normal machine-learning dependency and image-processing privacy considerations.

Install only if you are comfortable running local Python ML code and third-party model weights on images you provide. For sensitive photos, be aware that the skill asks the agent to prepare a detailed background evaluation for later retrieval; request no retention if that matters in your environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The README includes very broad invocation examples such as generic requests to evaluate or compare photos, which can overlap with normal user conversation and cause unintended skill activation. In an agent environment, accidental invocation can expose private images to the skill, trigger unexpected processing, or produce outputs when the user did not explicitly intend to use this specific skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal