File Downloader

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward URL-to-file downloader, with ordinary risks from saving untrusted remote files locally.

Use this only with URLs you trust, choose an explicit destination such as a dedicated downloads folder, and avoid saving over important project, configuration, or system files. Treat downloaded content as untrusted until you inspect it.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 96% confidence
Finding: The skill clearly instructs the agent to perform network access by downloading from arbitrary HTTP/HTTPS URLs, but the skill metadata does not declare any corresponding permission. This creates a transparency and policy-enforcement gap: reviewers or runtime controls may underestimate the skill's capabilities, and users are not explicitly informed that invoking it will reach out to external hosts.

Missing User Warnings

Low

Confidence: 91% confidence
Finding: The skill description explains that it downloads remote content and saves it locally, but it does not prominently warn users that a file write will occur and that omission of save_path may write into a default local directory using the remote filename. This can lead to unintended local file creation, confusion about file location, and increased risk when users provide untrusted URLs without realizing the operation persists data to disk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal