Security audit

Steam Deck Disk

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Steam Deck disk-maintenance skill, but it grants an agent enough authority to delete files automatically and make persistent root-level storage changes without strong safeguards.

Review this skill carefully before installing. Use it only for Steam Deck disk maintenance, keep automatic cleanup disabled unless you explicitly approve each deletion target, and do not run the /var expansion or systemd mount commands unless you have current backups and have verified the exact SteamOS partition layout.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The file materially exceeds the advertised scope of disk cleanup/optimization by instructing users to modify partitions, unmount /var, and resize filesystems. That mismatch is dangerous because users may invoke the skill expecting low-risk cleanup guidance but instead receive destructive system-administration steps that can cause boot failure or data loss if performed incorrectly.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill authorizes autonomous disk-cleanup behavior during a time window based only on utilization thresholds, without requiring a fresh user confirmation for a destructive action. Even if framed as 'safe cleanup,' automatic deletion can remove data the user expected to keep, especially when caches or temp files contain active session state or unsaved work artifacts.

Missing User Warnings

High
Confidence
98% confidence
Finding
This section explicitly labels multiple `rm -rf` commands as safe for automatic execution, but it does not provide sufficient safeguards, confirmation, preview, or rollback. Recursive forced deletion against broad paths like cache, `/tmp`, and wildcarded backups can cause irreversible loss of useful files or interfere with running applications if triggered automatically.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
sudo umount /var

# Resize the partition
sudo growpart /dev/nvme0n1 7

# Resize the filesystem
sudo resize2fs /dev/nvme0n1p7
Confidence
97% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
sudo mkdir -p /home/var-extended/{lib,cache,spool,opt}

# Stop related services
sudo systemctl stop systemd-journald

# Move existing data
sudo rsync -av /var/lib/ /home/var-extended/lib/
Confidence
90% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
sudo systemctl stop systemd-journald

# Move existing data
sudo rsync -av /var/lib/ /home/var-extended/lib/
sudo rsync -av /var/cache/ /home/var-extended/cache/

# Create the systemd mount unit
Confidence
95% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Move existing data
sudo rsync -av /var/lib/ /home/var-extended/lib/
sudo rsync -av /var/cache/ /home/var-extended/cache/

# Create the systemd mount unit
sudo tee /etc/systemd/system/var-lib.mount <<EOF
Confidence
95% confidence
Finding
sudo

Session Persistence

Medium
Category
Rogue Agent
Content
EOF

sudo systemctl daemon-reload
sudo systemctl enable var-lib.mount
sudo systemctl start var-lib.mount
```
Confidence
94% confidence
Finding
systemctl enable

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.