Back to skill

Security audit

网盘文件管理

Security checks across malware telemetry and agentic risk

Overview

This skill runs disclosed local helper scripts for AList/WebDAV cloud-file management, including uploads and deletes, with no evidence of hidden exfiltration or deceptive behavior.

Install only if you intend Codex to manage your local AList/WebDAV cloud-drive setup. Review remote paths carefully before deletion, avoid exporting passwords in shared terminals, and use the provided stop scripts when you no longer need the background services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill directs the agent to run local shell scripts and interact with networked services, but it declares no explicit permissions or capability boundaries. This can cause the skill to be invoked without clear user or platform awareness that it may start services, mount WebDAV, upload data, or delete remote files, increasing the chance of overbroad or unsafe execution.

Vague Triggers

Low
Confidence
82% confidence
Finding
The description includes broad trigger language such as managing local cloud file services, uploading, deleting, and checking status, which could match many ordinary file-management requests. Overbroad activation increases the risk that an agent selects this skill in contexts where the user did not intend cloud operations or remote destructive actions.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.