Mflux Image Router

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is mainly for local mflux image generation and does not show hidden execution, credential access, exfiltration, or destructive behavior.

Before installing, review the ollama-herd and mflux packages you will run locally, keep the router available only to trusted devices, and use the non-image endpoints only when you intentionally want prompts, audio, or text processed by that fleet.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 97%
Finding:
The skill is presented as an mflux image-generation router, but the documentation also exposes unrelated fleet endpoints for chat completions, transcription, and embeddings. This expands the effective capability surface beyond the declared purpose, increasing the chance an agent or user invokes broader model-serving functions with different data-handling and authorization implications.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding:
Including LLM inference, speech-to-text, and embeddings in a skill whose stated purpose is only mflux routing violates least privilege and creates unnecessary ambient authority. An agent using this skill for images may be able to access unrelated services and route sensitive prompts, audio, or text to the fleet without that broader access being obvious from the metadata.

VirusTotal

VirusTotal findings are pending for this skill version.
