Back to skill

Security audit

Baoyu Image Gen

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation skill that uses disclosed external AI providers and saved preferences, with no artifact evidence of deception, exfiltration, or destructive behavior.

Install if you are comfortable using external image-generation providers with your prompts and selected reference images. Review the chosen provider's data and billing policies, use least-privilege API keys where possible, prefer project-scoped preferences unless you want defaults across all projects, and verify the runtime script is present in the installed package before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description says to use it when the user asks to 'generate, create, or draw images,' which is broad enough to trigger on many ordinary requests without sufficient scoping. Over-broad activation increases the chance the agent invokes this skill prematurely, causing unintended external API calls, unnecessary prompt/file processing, or privacy-sensitive image/reference data being sent to third-party providers.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation enumerates multiple third-party image providers and API keys, and supports sending prompts plus reference images, but does not prominently warn that user content may be transmitted to external services. In this context, the omission is more dangerous because prompts, local prompt files, and reference images can contain sensitive personal, proprietary, or confidential data, leading to unintended disclosure.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The skill instructs the agent to create or update project- or user-scoped EXTEND.md preference files, including a user-home path, without requiring an explicit warning or clear confirmation about persistence scope. This is risky because it can silently modify lasting configuration outside the immediate task context, especially when writing to $HOME where the change affects future sessions and other projects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.