Gemini Image Proxy

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends your image prompt and optional source image to a configured image API and saves the returned image locally.

Install only if you trust the OpenAI package source and the GOOGLE_PROXY_BASE_URL endpoint. Use a limited API key where possible, and do not send confidential prompts, regulated data, or private images unless the endpoint's logging, retention, and data-handling policies are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill requires sensitive environment variables (`GOOGLE_PROXY_API_KEY`, `GOOGLE_PROXY_BASE_URL`) but does not declare corresponding permissions, creating a transparency and governance gap. In agent environments, undeclared env access can bypass user expectations and platform controls, increasing the chance that secrets are exposed or used without adequate review.

Missing User Warnings

Medium
Confidence: 95%
Finding: The documentation describes image generation/editing through a remote OpenAI-compatible endpoint but does not clearly warn users that prompts and uploaded input images are transmitted to a third-party API for processing. This omission can lead users to unknowingly send sensitive text or images off-device, causing privacy, confidentiality, or compliance issues.

VirusTotal

55/55 vendors flagged this skill as clean.
