Social Media Carousel

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent carousel-design helper, but it relies on an external inference.sh CLI and service to render images.

Install only if you are comfortable using inference.sh for rendering. Prefer manual installer verification over curl | sh when possible, review any infsh command before running it, and avoid putting confidential campaign details, customer data, or proprietary branding assets into slide HTML or image prompts unless that provider is approved for the data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 85%
Finding
The skill is presented as carousel design guidance, but it quickly shifts into installing a third-party CLI and invoking remote rendering services. That mismatch increases the chance a user or agent will run networked tooling and transmit content off-host without realizing the skill is doing more than providing design advice.

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The skill includes installation of external software and remote app execution that are not necessary for giving carousel layout advice. Unnecessary execution capability broadens the attack surface by encouraging shell use, network access, and third-party processing in a context where users may expect only informational guidance.

Context-Inappropriate Capability

Medium
Confidence: 76%
Finding
The AI illustration generation section expands the skill beyond carousel structure and layout rules into remote image synthesis. While not inherently malicious, this scope creep can cause unintended data sharing and capability expansion beyond what the manifest leads users to expect.

Missing User Warnings

Medium
Confidence: 91%
Finding
The examples instruct users to install a third-party CLI and send HTML/content to external services without a clear warning that data leaves the local environment. In agent contexts, this can lead to unintentional disclosure of proprietary prompts, campaign content, or internal branding assets to a remote provider.

VirusTotal

64/64 vendors flagged this skill as clean.
