Algorithmic Art.Blocked

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed p5.js generative-art helper with low security risk, though users should review the branded template reuse and third-party CDN loading.

Review whether you are comfortable generating artifacts that preserve Anthropic-styled UI elements and load p5.js/fonts from third-party CDNs. For private or commercial use, verify template, brand, and dependency licensing before publishing generated viewers.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

Medium

Confidence: 89% confidence
Finding: The skill instructs the agent to copy a specific Anthropic-branded template verbatim as the literal starting point, which conflicts with the stated goal of producing original algorithmic art and can cause unauthorized reuse of proprietary UI/branding assets. In context, this is not code execution, but it does embed branded design elements and fixed structure in generated outputs, increasing legal/compliance and provenance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal