Kandinsky

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a media-generation API client, but the reported use of bearer tokens and user media over insecure HTTP needs review before installation.

Before installing, confirm the API endpoint uses HTTPS, understand which prompts and local media files will be uploaded, and avoid sending private images, audio, or secrets unless the destination service and token handling are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 98%
Finding
The skill instructs sending bearer-authenticated requests, prompts, images, and audio to a remote API over plain HTTP, which exposes sensitive content and the API token to interception or tampering by anyone on the network path. Because the service handles user media and credentials, lack of TLS and lack of a prominent privacy warning materially increase the risk of credential theft, data leakage, and manipulated responses.

Missing User Warnings

Medium
Confidence: 86%
Finding
The client sends bearer credentials plus local image/audio content to a remote API, yet the interface provides no explicit warning, consent prompt, or clear disclosure at the point of use. In an agent-skill context, this increases the risk of users or orchestrators unintentionally exfiltrating sensitive local files and secrets to an external service.

VirusTotal

VirusTotal findings are pending for this skill version.
