grounding-anything
Security checks across malware telemetry and agentic risk
Overview
This skill is a coherent image-grounding guide that sends user-provided images to a configured model endpoint and saves annotated output, with no hidden install or persistence behavior shown.
Install only if you trust the configured GLM model endpoint with the images you plan to process. Keep NO_PROXY limited to the model host, review the local helper modules before use, and avoid sending confidential images unless the endpoint's privacy and retention practices are acceptable.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.