视觉系文件分类大师 (Visual File Sorter)

Security checks across malware telemetry and agentic risk

Overview

This skill has a clear file-sorting purpose, but it can open, inspect, rename, and move many local files without enough user control.

Review before installing. Only run this on a small folder you choose, remove executables and sensitive documents first, and require a dry-run table of proposed filenames and destinations before allowing any rename or move operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger phrases are broad, natural-language requests that can easily overlap with ordinary conversation, making unintended activation plausible. In this skill, accidental triggering is more dangerous because the workflow performs filesystem changes automatically, including opening, renaming, and moving user files without an explicit confirmation gate.

Missing User Warnings

High
Confidence: 98%
Finding
The skill is designed to automatically open local files, inspect their contents, rename them, and move them into archive folders, yet it does not require explicit user approval before making those changes. This creates a significant risk of unintended data modification, privacy exposure through content inspection, and operational disruption if files are misclassified or processed when the user did not intend to run the workflow.

VirusTotal

66/66 vendors flagged this skill as clean.
