Back to skill

Security audit

Image Quote Overlay

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for image generation, but it needs review because it can use random personal photos and share generated file paths without clear privacy boundaries.

Review before installing. Use a dedicated non-sensitive image folder, avoid pointing PICS_DIR at your full personal photo library, choose an output directory you are comfortable sharing with other skills, and delete generated files when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly describes selecting random personal photos from a local directory and returning generated image paths for reuse by other skills, but it does not define any consent, access-control, retention, or data-sharing boundaries. In an agent/automation environment, this can lead to unintended disclosure or downstream reuse of personal images and derived assets across workflows, especially when multiple skills consume the returned paths.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation describes a workflow that reads random images from a personal photo directory and writes generated files to user-specified output paths, but it does not clearly warn users about these filesystem side effects or the privacy implications of using personal photos. In an agent setting, this can lead to unintended exposure of personal images, accidental writes to sensitive locations, or downstream reuse of generated files by other skills without informed user consent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.