batch-rename

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward batch file renaming skill, but users should preview changes because it renames files in place.

Install only if you are comfortable letting the agent rename files in folders you specify. Ask for an exact old-to-new filename preview before running it, use extension filters and non-recursive mode where possible, test on a small folder first, and back up important files because renames happen in place.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill instructs the agent to read directory contents and rename files via a script, which are file read/write capabilities, but it declares no permissions in the skill metadata. This creates a transparency and policy-enforcement gap: an orchestrator or reviewer may treat the skill as less privileged than it really is, increasing the chance of unintended file modification when the skill is invoked.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger text includes an open-ended phrase like 'or similar requests,' which makes activation criteria ambiguous and overly broad. A broad trigger can cause the skill to fire on loosely related file-management prompts, leading to unexpected rename operations and expanding the reach of a file-modifying skill beyond the user's precise intent.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal