Security audit

p-image-upscale

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Pruna image-upscaling helper that sends chosen images to Pruna’s API, with no evidence of hidden or destructive behavior.

Install only if you are comfortable sending selected images to Pruna for processing and using a PRUNA_API_KEY. Avoid uploading confidential, regulated, or highly personal images unless your organization allows Pruna processing, and ask the agent to confirm before uploading sensitive files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to upload a user-provided image to a third-party API but does not include an explicit user-facing notice or consent step about external data transfer. Because images may contain sensitive personal or proprietary content, silent transmission to an external service creates a real privacy and compliance risk.

Natural-Language Policy Violations

Low
Confidence
84% confidence
Finding
The file instructs the agent to explicitly say the chosen seed in the user-facing turn and log it for every generation, even when the user did not ask for that internal parameter. This creates unnecessary disclosure of internal workflow metadata and can encourage oversharing of operational details in contexts where concise, user-focused responses are expected.

External Transmission

Medium
Category
Data Exfiltration
Content
## Base URL

- Predictions: `https://api.pruna.ai/v1/predictions`
- File upload: `https://api.pruna.ai/v1/files` (multipart form field `content=@file`)
- Status: `https://api.pruna.ai/v1/predictions/status/{id}`
- Delivery: use `generation_url` from a succeeded status (may be relative; prefix with `https://api.pruna.ai` if needed)
Confidence
94% confidence
Finding
https://api.pruna.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
## Base URL

- Predictions: `https://api.pruna.ai/v1/predictions`
- File upload: `https://api.pruna.ai/v1/files` (multipart form field `content=@file`)
- Status: `https://api.pruna.ai/v1/predictions/status/{id}`
- Delivery: use `generation_url` from a succeeded status (may be relative; prefix with `https://api.pruna.ai` if needed)
Confidence
94% confidence
Finding
https://api.pruna.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
- Predictions: `https://api.pruna.ai/v1/predictions`
- File upload: `https://api.pruna.ai/v1/files` (multipart form field `content=@file`)
- Status: `https://api.pruna.ai/v1/predictions/status/{id}`
- Delivery: use `generation_url` from a succeeded status (may be relative; prefix with `https://api.pruna.ai` if needed)

## Request shape
Confidence
90% confidence
Finding
https://api.pruna.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
## File uploads

1. `POST /v1/files` with `-F "content=@/path/to/file.jpg"` and `apikey` header.
2. Use `urls.get` from the response (or construct `https://api.pruna.ai/v1/files/{id}`) as the **`image`**, **`last_frame_image`**, **`images[]`**, **`person_image`**, **`garment_images[]`**, **`audio`**, etc. value in `input`.

Uploaded files expire (see upload response `expires_at`).
Confidence
96% confidence
Finding
https://api.pruna.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
## Typical success response

- **Sync:** `{ "status": "succeeded", "generation_url": "..." }`
- **Async (create):** `{ "id": "...", "get_url": "https://api.pruna.ai/v1/predictions/status/..." }`
- **Async (poll):** eventually `{ "status": "succeeded", "generation_url": "..." }`

Download binary output with `GET` to `generation_url` and the same `apikey` header.
Confidence
88% confidence
Finding
https://api.pruna.ai/

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.