Sendfile Skill

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended for temporary file sharing, but its instructions can publish more local content than the user may realize.

Install only if you are comfortable with the skill creating public links to local content. Use a dedicated temporary folder containing only the intended file, avoid confidential data, and stop the server or tunnel immediately after the transfer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill directs the agent to run `python3 -m http.server` from the directory containing the target file and then expose that server publicly. If the directory contains other files, symlinks, or unintended artifacts, they become browseable and downloadable through the public tunnel, creating an inadvertent data exposure risk.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill tells the agent to create a temporary public link and share it, but it does not clearly foreground that this publishes content to the public internet and that anyone with the link may access it during its lifetime. In an agent context, this omission increases the chance that sensitive or private files are exposed without informed operator intent.

VirusTotal

64/64 vendors flagged this skill as clean.
