Rdk X5 Ai Detect

Security checks across malware telemetry and agentic risk

Overview

This is a coherent RDK X5 AI inference guide, with one credential-handling caution in an RTSP example.

Install only if you use RDK X5/TogetheROS AI inference. Treat RTSP camera URLs as sensitive: replace the sample username/password with your own secure configuration method, avoid saving real camera passwords in shell history or shared files, and keep camera/web visualization access on trusted networks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The RTSP example embeds credentials directly in the command line, which encourages insecure handling of secrets. Command-line credentials can be exposed through shell history, process listings, screenshots, logs, and copied documentation, leading to credential disclosure and unauthorized access to cameras or related network resources.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal