Og Image Design
Security checks across malware telemetry and agentic risk
Overview
This is a coherent OG image design skill, with the main caution being its disclosed use of the external inference.sh installer, login, and remote generation services.
Install only if you trust inference.sh. Prefer manual install and SHA-256 verification over piping the installer directly to sh, use an account with appropriate spending limits, and avoid submitting confidential draft titles, unreleased page content, or private brand assets unless the provider's data handling is acceptable.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.