Security audit

Story Cover

Security checks across malware telemetry and agentic risk

Overview

This skill coherently generates cover images for novels using a disclosed external image API and local output files.

Install if you are comfortable sending the book title, author name, prompt details, and any reference image to the configured image API. Use the default OpenAI endpoint or a proxy you trust, and choose a BOOK_DIR where generated cover files and prompt sidecars are acceptable to store.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill advertises broad natural-language triggers such as “帮我做个封面”, “生成封面图”, and “封面设计”, which can match ordinary user requests beyond an explicit command invocation. That increases the chance of unintended activation, causing the skill to collect metadata and send prompts or images to an external API without the user clearly intending to use this specific skill.

External Transmission

Medium
Category
Data Exfiltration
Content
--arg s "$SIZE" \
  '{model:$m, prompt:$p, size:$s}')

curl -fsS --max-time 180 --retry 2 --retry-delay 5 \
  "$BASE_URL/images/generations" \
  -H "Authorization: Bearer $GPT_IMAGE_API_KEY" \
  -H "Content-Type: application/json" \
Confidence
89% confidence
Finding
curl -fsS --max-time 180 --retry 2 --retry-delay 5 "$BASE_URL/images/generations" -H "Authorization: Bearer $GPT_IMAGE_API_KEY" -H "Content-Type: application/json" -d

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.