Dividend Premium Tracker

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its financial-tracking purpose, but its alert feature takes a user-provided Telegram bot token from the environment, sends messages to a hard-coded chat ID, and issues that request by building a curl command string and passing it to os.system().

Review before installing. Do not set TELEGRAM_BOT_TOKEN or enable scheduled alerts until you have changed the Telegram chat ID to a recipient you have verified as your own and replaced the shell-built curl call with a safer HTTP request that does not pass the token through a shell. Also change the hard-coded output directory to a path you control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

os.system() or os exec-family call

High
Category
Dangerous Code Execution
Content
-d text="{message}" \
      -d parse_mode=HTML"""
    
    os.system(cmd)
    return True

def download_dividend_rate(date_str):
Confidence
97% confidence
Finding
os.system(cmd)

Tainted flow: 'cmd' from os.getenv (skill source line 31, credential/environment) → os.system (code execution)

Medium
Category
Data Flow
Content
-d text="{message}" \
      -d parse_mode=HTML"""
    
    os.system(cmd)
    return True

def download_dividend_rate(date_str):
Confidence
96% confidence
Finding
os.system(cmd)

VirusTotal

64/64 vendors flagged this skill as clean.
