Split Tool

Security checks across malware telemetry and agentic risk

Overview

This is a simple local file-splitting helper with an overwrite footgun, but no evidence of hidden access, exfiltration, persistence, or malicious behavior.

Install only if you are comfortable with a local script that creates output files in the current directory or wherever the prefix points. Run it in a dedicated output folder or use a unique prefix to avoid overwriting existing files, and do not rely on the documented -n option or exact line-count splitting unless the implementation is fixed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The tool opens output paths derived from a user-supplied prefix in plain 'wb' mode, which will silently truncate any existing matching files. In an agent or automation context, a crafted or mistaken prefix can overwrite important local files in the current working directory or at arbitrary writable paths, causing data loss or corruption.

VirusTotal

42/42 vendors flagged this skill as clean.

View on VirusTotal