Back to skill

Security audit

feifei

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent generative-art helper, with non-security cautions about branded template styling and external browser resources.

Before installing, be aware that generated HTML may look Anthropic-styled even though it is user-created, so avoid presenting outputs as official or endorsed. If you need offline use or tighter security, replace the CDN p5.js and Google Fonts links with local or integrity-pinned resources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger description is broad enough to activate on many generic creative-coding or art requests, increasing the chance the skill is invoked when the user did not specifically ask for this workflow. Over-broad activation can steer outputs into this skill’s heavy procedural instructions and branding requirements, reducing user control and causing inappropriate task routing.

Natural-Language Policy Violations

Medium
Confidence
97% confidence
Finding
The skill mandates Anthropic branding, fixed styling, and a specific template regardless of user intent, which can inject unwanted attribution or brand presentation into generated artifacts. This is dangerous because it overrides user autonomy and can produce misleadingly branded deliverables that appear officially endorsed or standardized without consent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The template loads JavaScript and font resources from third-party CDNs at runtime without any disclosure, integrity pinning, or local fallback. If a CDN response is tampered with, blocked, or replaced, users of the generated viewer could execute untrusted code in their browser or leak metadata through external font/script requests.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.