Back to skill

Security audit

Test

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed AList cloud-file-management skill, but users should treat its credentials and delete or move commands carefully.

Install only if you intend to connect an AList account. Store the password in a trusted secret mechanism, prefer least-privilege credentials, and verify remote paths before upload, move, or delete operations. Because the referenced helper script is not included in this package, review the actual CLI implementation before using it with real storage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger text is broad enough to activate on generic file-management or cloud-storage requests, which can cause the agent to invoke this skill in contexts the user did not specifically intend. Because the skill supports state-changing operations like upload, move, and delete, overbroad routing increases the chance of unintended access or destructive actions.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill advertises destructive capabilities such as rm and mv without any warning about deletion, overwrites, or other data-impacting behavior. In an agent setting, this increases the risk that users or upstream planners invoke dangerous operations without understanding that files may be removed or altered irreversibly.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.