Back to skill

Security audit

Organise photos

Security checks across malware telemetry and agentic risk

Overview

This photo-organizing skill is coherent and purpose-aligned, but it can move or delete photos and may install Python image libraries if dependencies are missing.

Install only if you are comfortable letting an agent analyze and reorganize the chosen photo folder. Use a backed-up copy first, choose move-to-review options instead of deletion when possible, and preinstall the listed Python packages in a virtual environment rather than allowing runtime pip installs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill's Python snippets invoke `os.system("pip install ...")` at runtime when imports fail, which modifies the host environment and executes network/package-manager operations during a routine photo-organization task. This expands the trust boundary to PyPI and shell execution, creates supply-chain risk, and can unexpectedly alter the user's system without explicit consent.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
This second script repeats the same unsafe pattern by calling `os.system("pip install opencv-python-headless Pillow imagehash numpy -q")` on import failure. In context, the skill already has broad file access over user photos, so adding runtime package installation increases attack surface and can expose the environment to dependency confusion, malicious package updates, or unexpected system changes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.