Ragflow API Client

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Ragflow client that can upload chosen files and manage datasets, so it should be used only with a trusted Ragflow server and scoped API key.

Install this only if you want the agent to operate on your Ragflow instance. Use HTTPS, a least-privilege Ragflow API key, and avoid granting access to sensitive local files or production datasets unless the server is approved for that data. Be careful with `delete-dataset`, because the script deletes when invoked and does not ask for confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill facilitates uploading documents and sending chat queries to an external/self-hosted Ragflow service, but the user-facing description does not clearly warn that provided content leaves the local environment. This can lead users or downstream agents to transmit sensitive documents, prompts, or proprietary data without informed consent or proper handling expectations.

VirusTotal

66/66 vendors flagged this skill as clean.