Fd Find

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward fd file-search helper, but users should be careful with its deletion examples.

Install fd from a trusted package manager. Before using any example with rm, xargs, -x, or bulk copy operations, first run the fd search by itself to review the matched files and scope the directory narrowly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill includes destructive file-deletion examples without any warning, confirmation step, or safer preview alternative. In an agent skill context, users may copy these commands directly or an automation system may adapt them, increasing the chance of accidental irreversible data loss.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The 'Find and delete old files' example demonstrates direct deletion based on time filters, which can easily match more files than intended if run in the wrong directory or with misunderstood date semantics. Because the command is irreversible and presented as a normal use case, it creates a meaningful risk of accidental mass deletion.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal