Thor Generator

Security checks across malware telemetry and agentic risk

Overview

This image-generation skill has a plausible purpose, but it tells the agent to run a local shell command with unsafely interpolated user prompt text.

Install only if you trust the local ~/ComfyUI setup and have inspected thor_generate_image.py. Do not let the agent run this command with arbitrary or untrusted prompt text unless the skill is changed to pass arguments safely, validate paths, and ask for confirmation before execution.

SkillSpector

By NVIDIA

Vulnerability Patterns

Behavioral ASTexec() Call, eval() Call, Dynamic Import
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs the assistant to automatically invoke a shell command through the exec tool and write output to a filesystem location, but it provides no user-facing warning, confirmation step, or safety constraints. Because the prompt is interpolated directly into a shell command template, this design increases the risk of unintended system actions and makes the skill more dangerous than a purely descriptive image-generation workflow.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal