text-cleaner-cli

Security checks across malware telemetry and agentic risk

Overview

The skill claims to clean text, but its code includes undocumented network features that can send a local file to any chosen endpoint.

Review before installing. This skill does not implement the advertised text-cleaning behavior and can be invoked to upload a local file to an arbitrary external endpoint. Avoid using it with sensitive files unless the undocumented network modes are removed or clearly constrained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This code reads arbitrary local file contents from a user-supplied path and transmits them to a user-supplied network endpoint with no validation, restriction, or disclosure. In an agent or automation context, this creates a straightforward exfiltration primitive that can leak sensitive local data, credentials, prompts, or workspace files to an attacker-controlled server.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal