Grok Imagine Image Pro

Security checks across malware telemetry and agentic risk

Overview

This skill sends prompts and chosen images to xAI to generate or reimagine images, which matches its stated purpose and is disclosed in the artifact.

Install only if you are comfortable giving the skill access to your xAI API key and sending prompts, selected local images, or supplied image URLs to xAI. Do not use confidential files, private URLs, or non-image files as edit sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 87%
Finding
The skill description uses very broad natural-language triggers such as requests to 'make a picture' or 'change the image,' which can overlap with ordinary conversation and cause unintended invocation. That can lead to accidental transmission of user prompts, image URLs, or local images to the external xAI API without sufficiently explicit user intent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The editing section explains how to send local files and public image URLs to xAI, but it does not prominently warn that those inputs are transmitted to an external third-party service. This creates a privacy and data-handling risk because users may provide sensitive local images or internal URLs without informed consent.

External Transmission

Medium
Category: Data Exfiltration
Content
**Do NOT use `/v1/images/edits` with multipart — xAI requires JSON.**

**IMPORTANT:** For local files, use Python to build the payload JSON file, then curl with `@file`.
Inline base64 in curl args causes "Argument list too long" for images >~100KB.

**NOTE:** This is NOT true image editing — the API generates a new image inspired by the source.
Confidence: 91%
Finding
curl with `@file`. Inline base64 in curl args causes "Argument list too long" for images >~100KB. **NOTE:** This is NOT true image editing — the API generates a new image inspired by the source. It c

External Transmission

Medium
Category: Data Exfiltration
Content
### Edit from URL:

```bash
curl -s https://api.x.ai/v1/images/generations \
  -H "Authorization: Bearer $XAI_API_KEY" \
  -H "Content-Type: application/json" \
  --data '{
Confidence: 84%
Finding
curl -s https://api.x.ai/v1/images/generations \ -H "Authorization: Bearer $XAI_API_KEY" \ -H "Content-Type: application/json" \ --data

External Transmission

Medium
Category: Data Exfiltration
Content
json.dump(payload, f)
print('Payload ready')
" && \
curl -s https://api.x.ai/v1/images/generations \
  -H "Authorization: Bearer $XAI_API_KEY" \
  -H "Content-Type: application/json" \
  -d @/tmp/img_edit_payload.json | python3 -c "
Confidence: 92%
Finding
https://api.x.ai/

External Transmission

Medium
Category: Data Exfiltration
Content
### Edit from URL:

```bash
curl -s https://api.x.ai/v1/images/generations \
  -H "Authorization: Bearer $XAI_API_KEY" \
  -H "Content-Type: application/json" \
  --data '{
Confidence: 84%
Finding
https://api.x.ai/

VirusTotal

64/64 vendors flagged this skill as clean.