Back to skill

Security audit

Screen Icon Finder

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it can capture the full screen and click on detected UI elements without clear confirmation safeguards.

Install only if you are comfortable letting the agent view your full screen and potentially click in active applications. Use it in a clean desktop session, keep secrets and sensitive chats off screen, review the marked output first, and require explicit approval before any click action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly suggests invoking `pyautogui.click(cx, cy)` after locating an icon, but it does not require explicit user confirmation, target verification, or a safety check before triggering a UI action. In an agent setting, this can cause unintended clicks on sensitive controls such as purchase, delete, send, or permission dialogs, especially if template matching is imperfect or the UI changes.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
When `big_path` is omitted, the code captures a full-screen screenshot via `pyautogui.screenshot()` and saves it to `_temp_screen.png` without any privacy notice, consent flow, or minimization. Full-screen captures can include secrets, personal messages, tokens, financial information, or other unrelated sensitive content, and writing them to disk increases exposure if files persist or are accessed by other processes.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The function automatically captures the entire screen and saves it to a predictable on-disk file when no input image is provided. Screenshots can contain sensitive data such as messages, credentials, tokens, or personal information, so persisting them without explicit user confirmation or clear disclosure creates an avoidable privacy and data-exposure risk.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The script writes an annotated output image to disk by default, which may preserve sensitive screen contents along with highlighted UI locations. Although this is less severe than the initial screenshot capture, it still creates another persistent artifact that could be accessed later or exposed through backups, shared folders, or multi-user systems.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.