Back to skill

Security audit

☁️ TCED Cloud Drive | 腾讯云企业网盘

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tencent Cloud Enterprise Drive connector, but installing it grants OAuth-based access to enterprise cloud files.

Install only if you intend to grant TCED OAuth access. Keep the pinned MCP package version, use only the official Tencent endpoints, protect ~/.tced-mcp/auth.json, authorize only needed spaces, and confirm upload/download paths before file transfers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Low
Confidence
88% confidence
Finding
The documentation explicitly states that `TCED_PAN_DOMAIN` and `TCED_BASE_PATH` determine where all API requests, including OAuth2 token traffic, are sent, and that these values are persisted to `~/.tced-mcp/auth.json`. This creates a real security risk because if those environment variables are misconfigured or attacker-controlled, access and refresh tokens could be sent to an untrusted endpoint and the unsafe configuration would survive across sessions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger list includes broad generic terms such as '网盘', 'cloud drive', 'file upload', 'file download', and 'cloud storage', which can cause the skill to activate in unrelated contexts involving ordinary file management. Because this skill can guide authentication and file operations against enterprise storage, accidental activation could steer users toward sensitive cloud actions they did not intend, increasing the chance of mistaken data access or disclosure.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The API reference documents uploads from arbitrary local paths and downloads to arbitrary local paths, but it does not clearly warn that these operations can read sensitive local files or overwrite user data on disk. In an agent/tooling context, this matters because a user may authorize seemingly routine file operations without understanding that local filesystem contents can be exfiltrated to the cloud or modified locally.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.