gcp-storage-manager

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal Google Cloud Storage helper, but users should treat its cloud credential and storage access carefully.

Install only if you intend to let the agent work with your Google Cloud Storage resources. Use a least-privilege key limited to the specific project and buckets needed, avoid pasting secrets into chat or logs, and manually confirm any write, overwrite, delete, or public-access changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The invocation guidance is overly broad, such as 'User needs gcp related functionality' and 'Cloud operations,' which can cause an agent to select this skill outside its intended scope. In a credentialed cloud-management skill, ambiguous routing increases the chance of unintended storage actions, misuse of privileged access, or execution in contexts where safer or narrower tools should be used.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs users to set an API key but provides no warnings about secret handling, least privilege, logging exposure, or the risks of performing cloud storage operations. Because this skill manages GCP storage, missing safety guidance can lead to credential leakage, unsafe automation, or accidental modification/exfiltration of cloud data.

VirusTotal

51/51 vendors flagged this skill as clean.
