Pet Grooming Effect Assessment (Mats/Dandruff)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is a cloud media-analysis tool whose account, token, history, and payment-related behavior is broader, and less clearly disclosed, than a simple pet-grooming checker would need.

Install only if you are comfortable sending pet images/videos, remote media URLs, and a persistent identifier such as a username or phone number to the publisher's cloud service. Before use, review the code paths for automatic account creation, local token storage, history retrieval, and payment prompts, and resolve the unresolvable `yaml` dependency (reported absent from PyPI under Static analysis below) before installing in any sensitive environment.

SkillSpector (27)

By NVIDIA

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The documentation broadens the skill from image-based assessment into cloud-backed retrieval of historical reports and automatic persistence of media to local files. This scope expansion raises privacy and security risk: uploaded media and user-associated reports may be stored or transmitted beyond what a user would reasonably expect from a grooming-quality checker.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill requires an open-id derived from a username or phone number before it will run an analysis or return history, even though no such identifier is needed for a visual assessment. Collecting a direct personal identifier for a low-risk image-scoring task creates unnecessary privacy exposure and lets the backend correlate a user across sessions and services.

Intent-Code Divergence

High
Confidence: 98%
Finding
The documented API behavior materially contradicts the declared pet grooming assessment purpose: it accepts video input and returns human face detection plus a health/constitution diagnosis. The mismatch matters because it can conceal undisclosed data collection or repurpose the skill for unrelated biometric or health analysis, so neither users nor reviewers can give informed consent.

Description-Behavior Mismatch

High
Confidence: 97%
Finding
The file describes human-oriented face and health video analysis rather than the pet grooming image assessment the manifest declares. In this skill context the gap is more dangerous than usual: users would reasonably expect benign pet coat analysis, not processing of human facial or health-related content, so the capability disclosure is deceptive and sensitive data can be misused.

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill accepts local files and remote URLs as video input even though its declared purpose is post-grooming image assessment. Broader media ingestion and remote fetching widen the data-exposure and attack surface in ways users and reviewers would not expect from the manifest.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
Allowing arbitrary http/https URLs makes the service ingest remote content unrelated to the stated local grooming-image use case. If the downstream API resolves and retrieves attacker-controlled locations, this can produce SSRF-like behavior through backend fetches, leak sensitive URLs in transit, and abuse internal or trusted network access. Whether it is exploitable depends on where the fetch actually runs (the publisher's backend or the local process) and on whether loopback, link-local and RFC 1918 destinations and redirects are filtered; the skill's own code cannot show what filtering the backend applies, so treat the fetch as unfiltered until the publisher documents otherwise.
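The check a reviewer would want on the URL-ingestion path is a validator that refuses non-public destinations before anything is fetched. The following is an added example written for this page; it is not code from the skill or from SkillSpector. The resolver is injected so the check runs offline against a constructed DNS table (`DEMO_DNS`, an assumption); in real use pass `system_resolver`, and note that this validates before the fetch, so a production fetcher must also pin the connection to the validated address and re-run the check on every redirect to defeat DNS rebinding.

```python
import ipaddress
import socket
from typing import Callable, List
from urllib.parse import urlsplit

# hostname -> list of IP strings. Injected so the check can be exercised offline.
Resolver = Callable[[str], List[str]]

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def system_resolver(host: str) -> List[str]:
    """Resolve every A/AAAA record; a validator must check all of them, not just the first."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_ip(addr: str) -> bool:
    """Reject loopback, link-local (incl. 169.254.169.254), RFC 1918/ULA, multicast,
    reserved, unspecified and documentation ranges. IPv4-mapped IPv6 (::ffff:10.0.0.1)
    is unwrapped first so a private v4 cannot be smuggled inside a v6 literal."""
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_media_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Return the URL if it is safe to fetch, otherwise raise ValueError with the reason."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials embedded in URL are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")
    try:
        ipaddress.ip_address(host)       # literal IP in the URL: check it directly
        addrs = [host]
    except ValueError:
        addrs = resolver(host)           # hostname: check every address it resolves to
        if not addrs:
            raise ValueError(f"host does not resolve: {host!r}")
    for addr in addrs:
        if not is_public_ip(addr):
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    return url


def rejection_reason(url: str, resolver: Resolver = system_resolver) -> str:
    """Empty string if the URL passes, otherwise the reason it was rejected."""
    try:
        validate_media_url(url, resolver)
    except ValueError as exc:
        return str(exc)
    return ""


# Constructed DNS table for the offline demo (assumption, not real records).
# 8.8.8.8 stands in for an ordinary public CDN address; "rebind" returns a public
# address AND an internal one, which is how a rebinding host looks to a resolver.
DEMO_DNS = {
    "cdn.example.com": ["8.8.8.8"],
    "localhost": ["127.0.0.1"],
    "rebind.example.com": ["8.8.8.8", "10.0.0.5"],
    "nx.example.com": [],
}


def demo_resolver(host: str) -> List[str]:
    return DEMO_DNS.get(host, [])


if __name__ == "__main__":
    for candidate in ("https://cdn.example.com/pet.mp4",
                      "http://169.254.169.254/latest/meta-data/",
                      "http://rebind.example.com/video.mp4",
                      "file:///etc/passwd"):
        print(candidate, "->", rejection_reason(candidate, demo_resolver) or "OK")
```

The validator checks every resolved address rather than the first, which is what makes the `rebind.example.com` case fail: a host that answers with one public and one internal address is rejected outright instead of being fetched on whichever record the client happens to use.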

Description-Behavior Mismatch

High
Confidence: 95%
Finding
The implementation materially diverges from the declared skill purpose: instead of pet grooming image assessment it exposes generic video analysis and history-listing functionality. Such a capability mismatch can hide data-processing behavior broader than users or reviewers expect, increasing the chance that unrelated media and metadata are collected, processed, or exfiltrated without authorization.

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
Accepting arbitrary remote URLs expands the trust boundary: the skill will fetch attacker-controlled content unrelated to the stated pet grooming use case. In practice this means privacy issues, unintended reach into internal resources via downstream fetchers, and processing of malicious or unexpected media through the backend analysis path.

Context-Inappropriate Capability

Medium
Confidence: 85%
Finding
The history-list retrieval function is unrelated to the advertised single-item grooming assessment and may expose prior analysis records or metadata with no clear necessity. Unnecessary access to historical outputs widens the surface for privacy leakage and data misuse, particularly because the tool keys its behavior off a user identifier.

Intent-Code Divergence

Medium
Confidence: 80%
Finding
The code documentation describes video analysis while the manifest describes post-grooming image assessment, which is at best a misleading and at worst a deceptive description of functionality. Such inconsistencies impair security review and user understanding and make it easier for expanded capabilities to evade scrutiny.

Intent-Code Divergence

Medium
Confidence: 82%
Finding
The CLI presents itself explicitly as a video analyzer, contradicting the declared pet grooming image-assessment intent and reinforcing the broader capability mismatch. A misleading interface makes it more likely that operators process unintended data types and that hidden functionality escapes policy review.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
This file exposes broad generic request primitives and CRUD-style wrappers (`add`, `edit`, `delete`, `http_get`, `http_post`, `http_put`, `http_delete`) that go well beyond the stated grooming-image assessment purpose. In an agent skill, unnecessary network and state-changing capabilities expand the attack surface and can be repurposed to read or modify unrelated backend resources whenever higher-level controls are weak or bypassed.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The `delete` method is a direct state-changing operation in a skill described as a read/analysis-oriented grooming assessment tool. Delete capability is unjustified here and dangerous: exposed through the skill or chained with the other generic request functions, it could remove user data, analysis records, or other backend objects.

Description-Behavior Mismatch

High
Confidence: 95%
Finding
The file defines persistent user-account storage and mutation logic, including CRUD operations on a sys_user table, none of which relates to the declared pet grooming image-assessment functionality. Hidden identity storage materially expands the skill's data-collection surface and enables retention or manipulation of user records outside the stated purpose.

Context-Inappropriate Capability

High
Confidence: 98%
Finding
The User model stores identity and authentication fields such as username, email, token, and open_token, none of which a grooming-effect assessment skill needs. Storing tokens unnecessarily increases the blast radius of a compromise and creates a risk of credential leakage, replay, and covert cross-service tracking.

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
On initialization the module automatically creates and alters a shared user-table schema, including an ALTER TABLE against sys_user, although the manifest describes only local image-analysis behavior. Silent persistence and schema mutation raise operational risk and indicate that the skill performs broader stateful account management than users or integrators would expect.

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
This utility implements broad authenticated HTTP access, automatic user bootstrap/login, token management, and payment/recharge flows, none of which a pet grooming image assessment feature requires. In a skill whose stated purpose is image-based grooming scoring, this excess capability expands the attack surface, enables undisclosed data transmission, and opens the door to account misuse or backend abuse if invoked unexpectedly.

Context-Inappropriate Capability

High
Confidence: 99%
Finding
The code automatically creates or logs in a user from a username/open ID, retrieves tokens, and persists them locally with no visible user approval and no clear need for grooming analysis. This silently provisions accounts, ties user identifiers to backend services, and stores reusable authentication material that can be abused if the environment is compromised or the function is triggered unintentionally.

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The code contains recharge/payment guidance and balance-related control flow unrelated to pet grooming assessment. This is not exploit code, but embedding monetization and payment handling in a grooming-analysis utility reveals hidden platform coupling and can steer users into actions unrelated to the advertised function, raising the risk of deceptive behavior or unauthorized charges.
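The Overview asks the installer to review the code paths for automatic account creation, local token storage, history retrieval and payment prompts, and the two findings above (automatic login with locally persisted tokens, and recharge/balance control flow) are exactly what such a review looks for. The following is an added example of a small line-oriented audit scanner for that review; it is written for this page and is not the skill's code nor part of SkillSpector. The category regexes and the constructed sample source (`SAMPLE_SOURCE`, shaped like the behaviors the findings describe, not copied from the skill) are assumptions; the point is the review procedure, and a tool such as semgrep would be the production choice.

```python
import re
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, Iterable, List, Pattern

# Each category is a list of alternatives; an alternative is a list of regexes that
# must ALL match the same line. "token-persistence" therefore fires only when a
# token-ish name and a write/serialize call sit on the same line.
CATEGORIES: Dict[str, List[List[str]]] = {
    "account-bootstrap": [[r"\b(login|register|sign_?up|create_?user|auto_?login)\b"]],
    "token-persistence": [[r"token", r"\bopen\(|\.write\(|json\.dump|\bpickle\b|\bkeyring\b|\bshelve\b"]],
    "history-retrieval": [[r"\bhistory\b|report[_/]?list|list[_/]?reports"]],
    "payment":           [[r"recharge|payment|\bpay\b|balance|top_?up"]],
    "generic-http":      [[r"\bhttp_(get|post|put|delete)\b|\brequests\.(get|post|put|delete|request)\("]],
    "state-change":      [[r"\bdef\s+(delete|edit|add)\b|\bDELETE\s+FROM\b|\bUPDATE\s+\w+\s+SET\b"]],
    "schema-mutation":   [[r"\b(ALTER|CREATE|DROP)\s+TABLE\b"]],
    "personal-identifier": [[r"phone|mobile|open_?id|user_?id"]],
}
COMPILED: Dict[str, List[List[Pattern]]] = {
    cat: [[re.compile(p, re.IGNORECASE) for p in alt] for alt in alts]
    for cat, alts in CATEGORIES.items()
}


@dataclass(frozen=True)
class Hit:
    path: str
    line: int
    category: str
    text: str


def scan_text(text: str, path: str = "<memory>") -> List[Hit]:
    """Flag every non-comment line that matches a category; one Hit per (line, category)."""
    hits: List[Hit] = []
    for number, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        for category, alternatives in COMPILED.items():
            if any(all(p.search(line) for p in alt) for alt in alternatives):
                hits.append(Hit(path, number, category, stripped))
    return hits


def scan_tree(root: str, suffixes: Iterable[str] = (".py", ".md", ".json", ".yaml", ".yml", ".toml")) -> List[Hit]:
    """Scan every text file under a skill directory (the real entry point for a review)."""
    hits: List[Hit] = []
    for file in sorted(Path(root).rglob("*")):
        if file.is_file() and file.suffix in suffixes:
            hits.extend(scan_text(file.read_text(encoding="utf-8", errors="replace"), str(file)))
    return hits


def summarize(hits: List[Hit]) -> Dict[str, int]:
    """Category -> number of flagged lines, for a quick read of where the risk concentrates."""
    counts: Dict[str, int] = {}
    for h in hits:
        counts[h.category] = counts.get(h.category, 0) + 1
    return counts


# Constructed sample modelled on the behaviors the findings describe (not the skill's code).
SAMPLE_SOURCE = '''\
def ensure_user(open_id):
    resp = http_post("/api/user/login", {"openId": open_id})
    token = resp["token"]
    with open(TOKEN_FILE, "w") as f:
        json.dump({"token": token}, f)
    return token

def history(open_id):
    return http_get("/api/report/list", {"openId": open_id})

def recharge_hint(balance):
    if balance <= 0:
        print("Balance exhausted, please recharge")

cur.execute("ALTER TABLE sys_user ADD COLUMN open_token TEXT")
open_id = input("OpenID/UserId/username/phone number: ")
'''

if __name__ == "__main__":
    for hit in scan_text(SAMPLE_SOURCE, "demo.py"):
        print(f"{hit.path}:{hit.line} [{hit.category}] {hit.text}")
    print(summarize(scan_text(SAMPLE_SOURCE, "demo.py")))
```

Run `scan_tree("<skill directory>")` on the unpacked skill and read every `token-persistence`, `schema-mutation` and `payment` hit by hand; the scanner only narrows the review, it does not decide it, and a hit on a comment-free line that merely mentions a word is still a false positive to discard.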

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs that uploaded images or videos be saved automatically to local files without informing the user or obtaining consent. Because the media may contain sensitive household context or identifying metadata, silent persistence raises privacy, retention, and unintended-disclosure risks.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill mandates cloud API queries for historical reports keyed by an open-id but never clearly warns users that the identifier and report data are sent to a remote service. Without that disclosure, personal data and analysis history can reach third-party systems without informed consent.

Missing User Warnings

Medium
Confidence: 81%
Finding
The CLI requires a highly sensitive identifier ('OpenID/UserId/username/phone number') and stores it in process-wide state with no privacy notice, minimization, or masking. For a pet-grooming assessment skill, a phone number or persistent account identifier is not obviously necessary for local analysis, and holding it in global state increases exposure through logs, crash dumps, shell history, and downstream storage.

Missing User Warnings

Medium
Confidence: 89%
Finding
The API accepts uploaded videos or public video URLs yet gives no notice about privacy, retention, sharing, or sensitive-data handling. Because the surrounding documentation already points to face analysis, the missing disclosure raises the risk that identifiable or biometric content is collected or transmitted without adequate user awareness.

Missing User Warnings

Medium
Confidence: 93%
Finding
The code reads an entire local file and uploads it to an API with no user-facing notice, confirmation, or minimization visible in this file. For a skill handling pet images and videos this is a privacy and trust risk: users may not realize local media leaves the device for a remote service.

Missing User Warnings

Medium
Confidence: 83%
Finding
The tool requires a highly sensitive user identifier (OpenID, username, or phone number) with no visible privacy notice, minimization, or handling safeguards. In a pet grooming assessment skill, collecting such identifiers is more sensitive than a user would expect and increases the risk of personal-data exposure or linkage to analysis history.

Static analysis

Install untrusted source

Warn
Finding
The install source points to a URL shortener or a raw IP address rather than a reviewable, version-pinned package source. Resolve the shortener to its final destination and inspect what it serves before installing; what sits behind a shortener or a bare IP can change after review without any change to the install instructions.

Dep not found on registry

Critical
Finding
1 package referenced in the dependency files does not exist on its public registry: yaml (pypi). The Python import name `yaml` belongs to the distribution `PyYAML`, so this is most likely a misnamed requirement rather than a real dependency. An unresolvable name in a requirements file is also the shape of a dependency-confusion or typosquat target: whoever registers that name on the public index gets installed. Correct the requirement (most likely to `PyYAML`) and confirm the install resolves before use.
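The registry check behind this finding is easy to reproduce and worth running on any skill before installation. The following is an added example written for this page, not SkillSpector's or the skill's code. It parses a requirements file, applies PEP 503 name normalization (so `opencv_python` and `opencv-python` are the same project), and classifies each entry as present, missing, or an import name mistaken for a distribution name. The index lookup is injectable: `pypi_exists` performs the live query against the PyPI simple index, while the test uses `DEMO_INDEX`, a constructed set of normalized names; the `IMPORT_TO_DIST` table and `REQUIREMENTS` text are likewise constructed for the example.

```python
import re
import urllib.error
import urllib.request
from typing import Callable, List, NamedTuple


def normalize(name: str) -> str:
    """PEP 503 normalization: PyYAML, pyyaml and py.yaml all identify the same project."""
    return re.sub(r"[-_.]+", "-", name).lower()


# Import name -> distribution name where the two differ. Constructed, partial
# table for this example; the yaml/PyYAML pair is the one behind the finding above.
IMPORT_TO_DIST = {
    "yaml": "PyYAML", "cv2": "opencv-python", "PIL": "Pillow",
    "sklearn": "scikit-learn", "bs4": "beautifulsoup4", "dateutil": "python-dateutil",
}


class Requirement(NamedTuple):
    raw: str
    name: str
    specifier: str


class Verdict(NamedTuple):
    name: str
    status: str   # "ok" | "likely-misnamed" | "missing" | "extra-index"
    note: str


_REQ = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*(.*)$")


def parse_requirements(text: str) -> List[Requirement]:
    """Minimal requirements.txt parser: strips comments, env markers and extras,
    and skips option lines (-r, -e, --index-url ...), which are handled separately."""
    reqs: List[Requirement] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = _REQ.match(line)
        if m:
            reqs.append(Requirement(raw.strip(), m.group(1), m.group(3).strip()))
    return reqs


def extra_index_lines(text: str) -> List[str]:
    """Lines that add or replace the package index; each one widens dependency-confusion exposure."""
    return [l.strip() for l in text.splitlines()
            if l.strip().startswith(("--extra-index-url", "--index-url", "-i "))]


def pypi_exists(name: str) -> bool:
    """Live lookup (network): the simple index answers 404 for an unregistered name."""
    url = f"https://pypi.org/simple/{normalize(name)}/"
    try:
        with urllib.request.urlopen(urllib.request.Request(url), timeout=10) as resp:
            return resp.status == 200
    except urllib.error.HTTPError as exc:
        if exc.code == 404:
            return False
        raise


def check_requirements(text: str, exists: Callable[[str], bool] = pypi_exists) -> List[Verdict]:
    """Classify every requirement against the registry, then report extra index lines."""
    verdicts: List[Verdict] = []
    for r in parse_requirements(text):
        if exists(normalize(r.name)):
            verdicts.append(Verdict(r.name, "ok", ""))
        elif r.name in IMPORT_TO_DIST:
            verdicts.append(Verdict(r.name, "likely-misnamed",
                                    f"'{r.name}' is an import name; the distribution is {IMPORT_TO_DIST[r.name]}"))
        else:
            verdicts.append(Verdict(r.name, "missing",
                                    "not on the registry: unregistered name, private package, or squat target"))
    for line in extra_index_lines(text):
        verdicts.append(Verdict(line, "extra-index", "second index configured: pin with hashes or constraints"))
    return verdicts


# Constructed requirements file for the example (not the skill's own file).
REQUIREMENTS = """\
# constructed requirements.txt
requests>=2.31
yaml
Pillow==10.3.0 ; python_version >= "3.8"
opencv_python[headless]>=4.8  # inline comment
some-private-lib==1.0
--extra-index-url https://pypi.example.internal/simple
"""

# Constructed stand-in for the registry: normalized names that "exist".
DEMO_INDEX = {"requests", "pillow", "opencv-python", "pyyaml"}


def demo_exists(name: str) -> bool:
    return normalize(name) in DEMO_INDEX


if __name__ == "__main__":
    for v in check_requirements(REQUIREMENTS, demo_exists):
        print(f"{v.status:16} {v.name}  {v.note}")
```

Against the live index, `check_requirements(open("requirements.txt").read())` gives the same classification; a `missing` entry whose name you do not own is the case to stop on, because anyone can register it and be pulled in on the next install.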

VirusTotal

VirusTotal findings are pending for this skill version.
