csv-profile-stepper

Security checks across malware telemetry and agentic risk

Overview

This skill claims to profile CSV files, but its code includes undisclosed network options that can upload a local file to any caller-supplied endpoint.

Review carefully before installing. Do not run this skill with --endpoint and --payload on sensitive files, because that can transmit file contents to a remote URL selected by the caller. The skill should be rewritten to actually compute the promised CSV profile or be renamed and documented honestly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The code reads a local file specified by --payload and transmits its contents to an arbitrary user-supplied --endpoint over HTTP(S) with no allowlist, validation, confirmation, or disclosure. In an agent/skill context, this creates a data-exfiltration primitive and can also enable SSRF-like behavior against internal services if untrusted inputs control the endpoint.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal