Craft Connect

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Craft API helper that can read and modify a user's Craft workspace, with risks that are expected for that purpose but should be handled carefully.

Install only if you want an agent to access and change your Craft workspace. Keep CRAFT_API_URL private, prefer protected secret storage over committing it in notes, review broad searches before running them, and require explicit confirmation before uploads, schema changes, moves, or deletes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly states that the Craft API base URL contains an embedded link token, but it provides no warning that this URL is effectively a secret credential. Exposing or mishandling such a token can grant unauthorized access to the user's Craft space, including reading and modifying documents.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill advertises full CRUD access over documents, blocks, folders, tasks, collections, and comments without an upfront safety warning about destructive operations. In practice, this can lead an agent or user to perform broad modifications or permanent deletions on remote data without sufficient confirmation or risk awareness.

VirusTotal

64/64 vendors flagged this skill as clean.
