Back to skill

Security audit

Tomoviee Reference to Image

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Tomoviee/Wondershare image-generation client, but users should treat submitted images, prompts, callbacks, and API credentials as sensitive.

Install only if you are comfortable sending prompts, image URLs, optional callbacks, and generated-task metadata to Wondershare/Tomoviee for processing. Use dedicated revocable API credentials, avoid private or regulated images, do not use internal or secret-bearing callback URLs, and avoid running the token helper in CI logs or shared terminals.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation explicitly describes transmitting user-supplied reference images and optional callback URLs to third-party endpoints, but it provides no warning about external data sharing, privacy implications, or callback risks. In a skill that processes user images, this omission can lead to unexpected disclosure of sensitive personal or proprietary images and can also encourage unsafe callback handling if operators supply internal or sensitive URLs.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script instructs users to pass the application secret as a command-line argument, which can expose credentials through shell history, process listings, logging, and CI job metadata. Even though this is a helper utility, handling long-lived API secrets this way creates an avoidable credential disclosure risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The client transmits user prompts, reference image URLs or content references, and authentication material to a third-party external API without any built-in disclosure, consent, or privacy guardrails. In an agent setting, users may reasonably assume processing is local or first-party; silently sending potentially sensitive prompts and image references off-platform can create privacy, compliance, and data-handling risk.

Credential Access

High
Category
Privilege Escalation
Content
app_secret = sys.argv[2]
    
    token = generate_access_token(app_key, app_secret)
    print(f"Access Token: {token}")
    print(f"\nUse in Authorization header as: Basic {token}")
Confidence
97% confidence
Finding
Access Token

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.