
Security audit


Security checks across malware telemetry and agentic risk

Overview

This instruction-only DeepContent skill is largely scoped to content generation, but two issues merit review before installing: it uploads user images to persistent storage without requiring notice or retention disclosure, and its stated restriction that it cannot create recipes is contradicted by a remix path that clones and saves a new recipe object.

Install only if you are comfortable with DeepContent receiving and persistently storing the images used for generation, and with the skill saving a cloned recipe object whenever you ask it to remix or copy a recipe. Do not send private or sensitive images unless you understand DeepContent's retention and deletion controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: High
Confidence: 95%
Finding: The skill states a strong capability restriction ('cannot create recipes') but later exposes `remixRecipeTool`, which clones an existing recipe into a new one. The inconsistency can mislead users and higher-level agents: a new asset is created under the guise of an action the skill claims it cannot perform, which amounts to a policy bypass.

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding: The file first states that recipe creation is impossible through the skill, then later instructs the agent to use `remixRecipeTool` to clone and save a new recipe. Contradictory instructions are dangerous because an agent will typically follow the more permissive path, undermining the stated safeguard and creating content objects the user did not authorize.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding: The activation phrases include common language such as 'generate content', 'new recipe', and 'make me a template', which can cause the skill to trigger in unrelated conversations. Overbroad activation increases the chance of unintended tool use, surprise data handling, or execution of content-generation workflows without clear user intent.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The skill directs the agent to upload user images to permanent storage but does not require notice, consent, or retention disclosure. This can lead to privacy violations, unauthorized persistence of sensitive images, and compliance issues if users believe uploads are temporary or limited to the immediate generation.
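The four findings above are all properties of the skill's instruction text rather than of any code, so neither an antivirus scan nor a code-pattern scan would surface them. The following is an added example of the kind of heuristic review that does, written for this page and not SkillSpector's or DeepContent's own code. It assumes a hypothetical skill file layout (markdown with `## Activation phrases`, `## Restrictions` and `## Tools` sections); the sample skill text, the tool descriptions and the off-topic conversation lines are constructed to mirror the findings, not copied from the real skill. It runs three checks: a restriction such as "cannot create recipes" beside a tool whose description clones and saves a recipe (findings 1 and 2), activation phrases that fire on unrelated conversation (finding 3), and tools that persist user data while the skill never instructs the agent to disclose it (finding 4).

```python
"""Heuristic review of an agent skill's instruction file (added example; hypothetical file format)."""
import re

# Constructed sample skill modelled on the findings in this audit, not the real skill file.
SAMPLE_SKILL = """# Recipe Helper

## Activation phrases
- generate content
- new recipe
- make me a template
- remix this recipe with DeepContent

## Restrictions
- This skill cannot create recipes.
- Never delete saved recipes.

## Tools
- generateImageTool: Uploads the user's reference images to permanent storage and returns a generated image.
- remixRecipeTool: Clones an existing recipe into a new recipe and saves it.
"""

# Constructed off-topic user messages that the skill should NOT activate on.
UNRELATED_MESSAGES = [
    "Can you generate content for my company's LinkedIn page?",
    "My doctor gave me a new recipe for a cough syrup, can you explain it?",
    "Make me a template for a project status email.",
    "What's the weather like in Oslo today?",
]

# Verbs that realise the same capability as a restricted verb (assumed vocabulary).
VERB_SYNONYMS = {
    "create": {"create", "creates", "clone", "clones", "copy", "copies", "duplicate", "duplicates", "save", "saves"},
    "delete": {"delete", "deletes", "remove", "removes", "erase", "erases"},
}
PERSISTENCE_WORDS = ("permanent", "persistent", "persistently", "retain", "long-term")
DISCLOSURE_WORDS = ("consent", "inform the user", "tell the user", "retention", "ask the user before")
RESTRICTION_RE = re.compile(r"(?:cannot|can't|must not|never|does not)\s+(\w+)\s+(?:a |an |the |any )?(\w+)", re.I)


def parse_skill(text):
    """Split the markdown into sections; list items become entries, tools become name -> description."""
    sections, current = {}, None
    for line in text.splitlines():
        if line.startswith("## "):
            current = line[3:].strip().lower()
            sections[current] = []
        elif line.startswith("- ") and current:
            sections[current].append(line[2:].strip())
    tools = {}
    for item in sections.get("tools", []):
        name, _, desc = item.partition(":")
        tools[name.strip()] = desc.strip()
    return {"triggers": [t.lower() for t in sections.get("activation phrases", [])],
            "restrictions": sections.get("restrictions", []), "tools": tools, "text": text}


def find_capability_contradictions(skill):
    """Findings 1/2: a 'cannot <verb> <object>' restriction beside a tool whose description does that thing."""
    hits = []
    for rule in skill["restrictions"]:
        for verb, obj in RESTRICTION_RE.findall(rule):
            verb, obj = verb.lower(), obj.lower().rstrip("s")   # crude singularisation: recipes -> recipe
            synonyms = VERB_SYNONYMS.get(verb, {verb})
            for name, desc in skill["tools"].items():
                words = set(re.findall(r"[a-z]+", desc.lower()))
                if obj in desc.lower() and words & synonyms:
                    hits.append({"tool": name, "restriction": rule})
    return hits


def find_overbroad_triggers(triggers, unrelated_messages):
    """Finding 3: which activation phrases fire on off-topic conversation, and on which messages."""
    hits = {}
    for phrase in triggers:
        matched = [m for m in unrelated_messages if phrase in m.lower()]
        if matched:
            hits[phrase] = matched
    return hits


def find_undisclosed_persistence(skill):
    """Finding 4: tools that persist user data while the skill text never tells the agent to disclose it."""
    disclosed = any(w in skill["text"].lower() for w in DISCLOSURE_WORDS)
    return [name for name, desc in skill["tools"].items()
            if any(w in desc.lower() for w in PERSISTENCE_WORDS) and not disclosed]


def audit(text):
    """Run all three checks and return (category, severity, detail) tuples in the report's own terms."""
    skill = parse_skill(text)
    findings = []
    for c in find_capability_contradictions(skill):
        findings.append(("Description-Behavior Mismatch", "High",
                         f"{c['tool']} does what '{c['restriction']}' says the skill cannot"))
    for phrase, msgs in find_overbroad_triggers(skill["triggers"], UNRELATED_MESSAGES).items():
        findings.append(("Vague Triggers", "Medium", f"'{phrase}' fires on {len(msgs)} off-topic message(s)"))
    for name in find_undisclosed_persistence(skill):
        findings.append(("Missing User Warnings", "Medium", f"{name} persists user data with no consent/retention notice"))
    return findings


if __name__ == "__main__":
    for category, severity, detail in audit(SAMPLE_SKILL):
        print(f"[{severity}] {category}: {detail}")
```

Run as-is, the sample skill produces one contradiction (`remixRecipeTool` against "cannot create recipes"), three activation phrases that fire on off-topic messages (the fourth, more specific phrase does not), and one undisclosed persistent upload; adding a line such as "Inform the user that uploaded images are kept permanently" to the skill clears the last check. The synonym and keyword lists are deliberately small and are the part to extend for a real review.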

VirusTotal

64/64 vendors flagged this skill as clean. Note that this result covers only the packaged files as seen by antivirus engines; it says nothing about the instruction-level issues in the findings above, which no malware scan would detect.

Static analysis

No suspicious patterns detected. A clean pattern scan does not resolve the four findings above, which concern the skill's instruction text rather than code and were raised by the behavioral review.