Zyt ai creation

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Chanjing AI generation helper, but it can send long-lived Chanjing credentials to an environment-configured API host and the package is missing several documented scripts.

Install only if you trust the publisher and need this Chanjing integration. Do not set CHANJING_API_BASE unless it is the official Chanjing API or a host you fully control, and avoid adding credentials until the missing command scripts are present and reviewable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tainted flow: 'req' from os.environ.get (line 64, credential/environment) → urllib.request.urlopen (network output)

Critical
Category: Data Flow
Content:
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read().decode("utf-8"))
Confidence: 92%
Finding: with urllib.request.urlopen(req, timeout=30) as resp:

Missing User Warnings

Medium
Confidence: 81%
Finding:
The reference explicitly documents a `download_result` capability that downloads `output_url` assets to the local system, but it does not warn that this writes files to disk, discuss destination/path safety, or mention user confirmation. In an agent skill, undocumented local file writes can surprise users and increase risk of unsafe persistence, overwriting files, or saving untrusted remote content to the host environment.

VirusTotal

49/49 vendors flagged this skill as clean.
