Back to skill

Security audit

china-vision

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward cloud image-analysis helper, but users should know selected images and prompts are sent to SiliconFlow and may use paid API credits.

Install only if you are comfortable sending chosen images, image URLs, and prompts to SiliconFlow/Qwen for processing and with possible paid token usage on your API key. Avoid sensitive personal, business, medical, financial, or regulated images unless SiliconFlow's data handling terms are acceptable to you; consider a limited API key or spending controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill clearly uses an API key from the environment and calls an external vision service, but it does not declare explicit permissions for environment access or network use. This weakens transparency and policy enforcement, making it easier for a skill to access sensitive configuration or transmit user-provided image data without clear operator awareness.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad, everyday requests like 'Describe this image' or 'What food is this?', which can cause the skill to activate in situations the user did not intend. In this skill's context, unintended activation is more concerning because invocation may send local image files or remote image URLs to a third-party model, creating privacy and cost exposure.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The request routing uses vague patterns such as '分析...' and a default description mode when the request is unspecified. That ambiguity can route general conversation into image analysis automatically, increasing the chance of processing or transmitting images without sufficiently clear user consent or task boundaries.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill description and notes do not clearly warn that image files or image URLs may be sent to an external AI provider for processing. Because the skill handles potentially sensitive visual content, the lack of a prominent privacy disclosure increases the risk of users unknowingly exposing personal, confidential, or regulated data to a third party.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.