image-upload-imgcdn

Security checks across malware telemetry and agentic risk

Overview

The skill clearly does what it claims, but it publishes local images to a third-party public host and has an unsafe response-parsing pattern that deserves review before installation.

Install only if you are comfortable sending selected images to img.scdn.io for public sharing. Do not upload private, personal, confidential, or regulated images. The publisher should add an explicit pre-upload warning and change the JSON parsing to pass the response through stdin or a file instead of embedding server-controlled text into a Python command string.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill states that it uploads a local image and returns a permanent public URL, but it does not present this as a clear user warning at the point of use. Users may unintentionally expose sensitive or private images because the permanence and public accessibility of the upload materially change the privacy risk.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script uploads a user-supplied local image to a third-party service and explicitly returns a public permanent link, but it does not warn the user about the privacy implications or require confirmation. This can lead to accidental disclosure of sensitive local images, and the skill context makes this more dangerous because its stated purpose is to publish files externally.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal