Tarot Card Art Generator

Security checks across malware telemetry and agentic risk

Overview

This is a small tarot image-generation helper that sends user-provided prompts and a token to the disclosed image API, with no hidden persistence or unrelated local access found.

Install only if you are comfortable sending your prompt, optional reference image UUID, and Neta API token to api.talesofai.com for image generation. Avoid confidential prompts or personal data, and prefer a limited token because passing it on the command line can expose it through shell history or process listings.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill documentation indicates use of a Bash-capable skill that invokes an external API with a user-supplied token, but no explicit permissions are declared for network access. This creates a transparency and governance gap: users and platforms may not realize the skill can transmit prompts and credentials to a third-party service, increasing the risk of unintended data exfiltration or policy bypass.

Description-Behavior Mismatch

Medium

Confidence: 98% confidence
Finding: The skill advertises Neta AI but actually sends requests to Tales of AI, creating a provider mismatch that can deceive users about where their prompts and credentials are going. This is dangerous because users are induced to trust one service while their data is transmitted to another, undermining informed consent and potentially enabling credential harvesting or unauthorized third-party data disclosure.

Intent-Code Divergence

Medium

Confidence: 99% confidence
Finding: The script tells users to obtain a token from Neta and then places that token in an x-token header for requests to Tales of AI. Using credentials obtained for one provider against another is highly suspicious and can expose user secrets to an undisclosed service, especially if users believe the token is confined to Neta's ecosystem.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The README instructs users to send prompts, optional reference-image identifiers, and an API token to a third-party image generation service, but it does not clearly disclose that user-supplied content may leave the local system and be processed by an external provider. This creates a real privacy and data-handling risk because users may submit sensitive prompts or proprietary imagery under the assumption that the skill operates locally or without external retention.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The code transmits the user's prompt and token to a remote API with only generic progress logging and no meaningful disclosure about what data leaves the local environment. In this skill, prompts may contain sensitive creative material or private references, and the token is a credential, so silent transmission increases privacy and security risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal