AnyGen Suite

Security checks across malware telemetry and agentic risk

Overview

AnyGen’s main content-generation behavior is coherent, but it tells the agent to auto-install an additional unreviewed workflow skill that can persistently change agent behavior.

Review before installing. Use AnyGen only for content you are comfortable sending to its hosted service, use a revocable API key if available, and do not allow the extra `anygen-workflow-generate` skill installation unless you can review and approve that separate skill and its source/version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding:
The manifest advertises extremely broad trigger phrases such as generic requests for documents, websites, diagrams, research, and images, including common Chinese phrases. This can cause the skill to activate for routine user prompts far beyond a narrowly scoped tool, increasing the chance of unintended execution and silent routing of user content to the AnyGen service.

Missing User Warnings

Medium
Confidence: 96%
Finding:
The skill states that content is generated server-side at www.anygen.io, but it does not clearly warn that user prompts, documents, or other data may be transmitted to an external third-party service. This creates a privacy and data-handling risk because users may share sensitive business, financial, or personal content without informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.
