Back to skill

Security audit

Image Fetch Toolkit

Security checks across malware telemetry and agentic risk

Overview

This is a broad but coherent image-search reference skill, with no hidden code or automatic actions, but users should be mindful of third-party API queries, credentials, licensing, and optional external tool installs.

Install this only if you are comfortable with an agent using third-party image, news, academic, and social/search APIs. Configure only the API keys you need, avoid sensitive or confidential search terms, review any optional external tools before installing them, and check licensing, attribution, and platform terms before reusing fetched images.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill’s stated purpose is image search and retrieval, but it also includes guidance for scraping e-commerce and social media sources, including scraper alternatives and platform-specific collection methods. That scope expansion increases the chance an agent will perform higher-risk collection against sites with sensitive content, ToS restrictions, or account-bound data, which is unnecessary for the core use case.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The manifest description says to use this skill for image retrieval 'for any purpose' and across many contexts, making activation criteria overly broad. Overbroad routing can cause the agent to invoke networked retrieval and third-party APIs in situations where a narrower local or privacy-preserving option would be safer.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The introductory text presents a comprehensive image retrieval toolkit without clear limits on source trust, legality, or user-consent requirements. In an agent setting, ambiguous scope increases the likelihood of misuse, unnecessary external calls, and selection of risky retrieval methods.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill strongly encourages sending search queries and URLs to numerous external providers but does not warn about privacy exposure, copyright/licensing limits, or third-party processing of user data. Users may unknowingly transmit sensitive prompts, internal URLs, or regulated content to external services.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Search photos
curl -H "Authorization: Bearer $UNSPLASH_ACCESS_KEY" \
  "https://api.unsplash.com/search/photos?query=renewable+energy&per_page=10&orientation=landscape"

# Get a random photo
Confidence
77% confidence
Finding
curl -H "Authorization: Bearer $UNSPLASH_ACCESS_KEY" \ "https://api.unsplash.com/search/photos?query=renewable+energy&per_page=10&orientation=landscape" # Get a random photo curl -H "Authorization:

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Search photos
curl -H "Authorization: $PEXELS_API_KEY" \
  "https://api.pexels.com/v1/search?query=nature&per_page=10&orientation=landscape"

# Curated photos
curl -H "Authorization: $PEXELS_API_KEY" \
Confidence
76% confidence
Finding
https://api.pexels.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Search photos (CC license only)
curl "https://api.flickr.com/services/rest/?method=flickr.photos.search&api_key=$FLICKR_API_KEY&text=sunset&license=1,2,4,5,9&per_page=10&format=json&nojsoncallback=1"

# Get photo URL: https://farm{farm}.staticflickr.com/{server}/{id}_{secret}.jpg
```
Confidence
74% confidence
Finding
https://api.flickr.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl -H "Ocp-Apim-Subscription-Key: $BING_API_KEY" \
  "https://api.bing.microsoft.com/v7.0/images/search?q=cute+cats&count=10&imageType=Photo&size=Large"
```

### Tavily Extract (for webpage images)
Confidence
76% confidence
Finding
https://api.bing.microsoft.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Search papers
curl "https://api.semanticscholar.org/graph/v1/paper/search?query=protein+folding&limit=10&fields=title,url,openAccessPdf"
```

### Semantic Scholar API (Free)
Confidence
71% confidence
Finding
https://api.semanticscholar.org/

External Transmission

Medium
Category
Data Exfiltration
Content
### Semantic Scholar API (Free)
```bash
# Search papers with figure references
curl "https://api.semanticscholar.org/graph/v1/paper/search?query=transformer+architecture&limit=5&fields=title,url,openAccessPdf,figures"
```

### arXiv API (Free, no key needed)
Confidence
71% confidence
Finding
https://api.semanticscholar.org/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.