Billy — SAPCONET SSH Bridge

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed SSH bridge, but one message script can let crafted message text become commands on the remote SAPCONET host.

Install only if you intentionally use this SAPCONET SSH target. Before running, verify SAPCONET_TARGET, use a least-privileged SSH account, and fix scripts/msg-sapconet.sh to pass message text safely, such as through stdin or strict quoting, before allowing untrusted or variable message content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: This shell script sends the provided message over SSH to a remote host, which is a network operation that transmits user-supplied data. Although there is a placeholder comment, there is no user-facing confirmation, warning, or explanatory output about the remote transmission behavior in the script itself.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal