Cron Manager

Security checks across malware telemetry and agentic risk

Overview

This cron manager can store and run local shell commands, and its documentation understates that level of control.

Install only if you intentionally want an agent-accessible cron tool that can run local shell commands. Review every command before adding or running it, restrict who can create tasks, use simple safe task names, and periodically inspect persisted task files and logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
    # Execute the command
    start = datetime.now(pytz.UTC)
    try:
        result = subprocess.run(task['command'], shell=True, capture_output=True, text=True, timeout=300)
        success = result.returncode == 0
        output = result.stdout[-1000:] if result.stdout else ''
        error = result.stderr[-1000:] if result.stderr else ''
Confidence
99% confidence
Finding
result = subprocess.run(task['command'], shell=True, capture_output=True, text=True, timeout=300)

Tainted flow: 'log_file' from os.environ.get (line 246, credential/environment) → open (file write)

Medium
Category
Data Flow
Content
def add_log_entry(task_id: str, entry: dict):
    """Add a log entry for task execution."""
    log_file = os.path.join(LOGS_DIR, f"{task_id}.jsonl")
    with open(log_file, 'a') as f:
        f.write(json.dumps(entry) + '\n')
Confidence
93% confidence
Finding
with open(log_file, 'a') as f:

VirusTotal

67/67 vendors flagged this skill as clean.
